Remote Code Execution Vulnerability in D-Link DIR-832x Router
CVE-2025-29039

7.2HIGH

Key Information:

Vendor: D-Link
Status: DIR-832x
Vendor: CVE Published:; 17 April 2025

Summary

A critical remote code execution vulnerability has been identified in the D-Link DIR-832x router, specifically in version 240802. This flaw allows attackers to execute arbitrary code on the device through the improper handling of specific functions. Exploiting this vulnerability could lead to unauthorized access and control of the affected router, posing significant security risks to users. It's essential for D-Link customers to apply necessary patches and updates to safeguard their network devices.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/xyqer1/Dlink-dir-823x-set_ntp-year-Com...

https://gist.github.com/xyqer1/734fd1d93e4c08cea55dcb1e8b...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 17, 2025
Vulnerability Reserved
Mar 11, 2025