Remote Code Execution Vulnerability in D-Link DIR 832x Router
CVE-2025-29042

Currently unrated

Key Information:

Vendor: D-Link
Status: DIR 832x
Vendor: CVE Published:; 17 April 2025

What is CVE-2025-29042?

A remote code execution vulnerability exists in the D-Link DIR 832x router, allowing attackers to execute arbitrary code through manipulation of the macaddr key value in a specific function. This flaw can be exploited by sending crafted requests, potentially compromising the router's functionality and security. Users are advised to check their devices for updates and apply any available patches to mitigate the risk.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/xyqer1/Dlink-dir-823x-set_prohibiting-...

https://gist.github.com/xyqer1/841e78a3c4029808dac8c43959...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 17, 2025
Vulnerability Reserved
Mar 11, 2025

JSON