Submeter #645712: D-Link DIR-823X <= V250416 Command Injectioninformação

TítuloD-Link DIR-823X <= V250416 Command Injection
DescriçãoThe latest version 250416 (250416) of the D-LINK DIR-823X router has an unauthorized command execution vulnerability. The specific vulnerability exists in the /usr/sbin/goahead file. When accessing the route /goform/set_static_leases and making a specific field request, arbitrary commands can be executed without authentication, achieving remote command execution and even obtaining a shell.
Fonte⚠️ https://github.com/lin-3-start/lin-cve/blob/main/DIR-823X/D-Link%20DIR-823X%20routers%20have%20an%20unauthorized%20command%20execution%20vulnerability.md
Utilizador
 QMSSDXN (UID 88719)
Submissão02/09/2025 11h01 (há 10 meses)
Moderação08/09/2025 17h19 (6 days later)
EstadoAceite
Entrada VulDB323093 [D-Link DIR-823X até 250416 set_static_leases sub_415028 Nome do host Elevação de Privilégios]
Pontos20

VoltarVisão GeralPróximo

Want to know what is going to be exploited?

We predict KEV entries!