Null Pointer Dereference in D-Link DIR-823X Router
CVE-2025-1103

7.1HIGH

Key Information:

Vendor
D-link
Status
Dir-823x
Vendor
CVE Published:
7 February 2025

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A problematic vulnerability has been identified in D-Link DIR-823X routers, specifically in the set_wifi_blacklists function within the HTTP POST Request Handler. This weakness arises when the macList argument is manipulated, potentially leading to a null pointer dereference. Attackers can exploit this issue remotely, requiring no authentication. The details of this vulnerability have been publicly disclosed, raising concerns about the security of affected devices.

Affected Version(s)

DIR-823X 240126

DIR-823X 240802

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-1103 - Proof of Concept

References

https://vuldb.com/?id.294933
vdb-entrytechnical-description
https://vuldb.com/?ctiid.294933
signaturepermissions-required
https://vuldb.com/?submit.489603
third-party-advisory

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

hand_king (VulDB User)
.