| Title | D-Link DIR-823X DIR-823x 250416, 240802, 240126 Command Injection |
|---|
| Description | The D-Link DIR-823xis a wireless router product released by D-Link Corporation.
The D-Link DIR-823x contains a command execution vulnerability. This vulnerability stems from the file `/usr/sbin/goahead` failing to adequately validate input parameters when processing environment variables. An attacker could exploit this vulnerability by constructing malicious requests to execute arbitrary commands on the system.
|
|---|
| Source | ⚠️ https://github.com/Cpppq43/D-Link/blob/main/DIink-DIR-823x.md |
|---|
| User | BediveRE (UID 89464) |
|---|
| Submission | 09/09/2025 14:05 (9 months ago) |
|---|
| Moderation | 09/17/2025 14:24 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 324662 [D-Link DIR-823X 240126/240802/250416 Environment Variable /usr/sbin/goahead sub_412E7C terminal_addr/server_ip/server_port command injection] |
|---|
| Points | 19 |
|---|