OS Command Injection in D-Link DIR-823X Products
CVE-2025-2717

5.1MEDIUM

Key Information:

Vendor
D-link
Status
Dir-823x
Vendor
CVE Published:
25 March 2025

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A security vulnerability has been identified in D-Link DIR-823X devices, specifically impacting the HTTP POST Request Handler. This issue arises from improper handling of input in the 'diag_nslookup' function, allowing for potential OS command injection. Attackers can manipulate the 'target_addr' argument to execute arbitrary commands on the device, which may lead to unauthorized access. Given that this vulnerability can be exploited remotely, it poses significant risks to network security.

Affected Version(s)

DIR-823X 240126

DIR-823X 240802

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-2717 - Proof of Concept

References

https://vuldb.com/?id.300737
vdb-entrytechnical-description
https://vuldb.com/?ctiid.300737
signaturepermissions-required
https://vuldb.com/?submit.517958
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

.