HIGH🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2025-29635

CVSS 7.2v3.1pub. 2025-03-25upd. 2026-04-24

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir 823x

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 823x Firmware

    OS
    Dlink
    240126240802

CISA KEV — detailsi

Vendori
D-Link
Producti
DIR-823X
Added to KEVi
April 24, 2026
Remediation deadline (US Federal)i
May 8, 2026(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 8 maja 2026
CWE
References

Related vulnerabilities

CVE-2025-29043CRITICAL9.8PL ✓ten sam produkt

D-Link DIR-823X – command injection umożliwiający zdalne wykonanie kodu

CVE-2025-29040CRITICAL9.8PL ✓ten sam produkt

Command Injection w D-Link DIR-823X — zdalne wykonanie kodu przez parametr target_addr

CVE-2025-29042CRITICAL9.8PL ✓ten sam produkt

D-Link DIR-823X: Command Injection przez parametr macaddr (RCE)

CVE-2025-29041CRITICAL9.8PL ✓ten sam produkt

Command injection w D-Link DIR-823X umożliwiający zdalne wykonanie kodu

CVE-2024-39962CRITICAL9.8PL ✓ten sam produkt

RCE w routerze D-Link DIR-823X poprzez parametr ntp_zone_val