| Title | D-Link DIR-823X 250416 OS Command Injection |
|---|
| Description | The D-Link DIR-823X router is susceptible to a Remote Command Injection vulnerability via the /goform/set_static_route_table endpoint. The flaw exists in the backend function sub_4175CC, which handles parameters including interface, destip, netmask, gateway, and metric.
While the program calls certain validation functions for specific parameters, it fails to verify the success of these validations and, more importantly, lacks any sanitization for the newline character (\n or 0x0A). An authenticated attacker can inject arbitrary shell commands by using a newline to terminate the intended UCI configuration command and start a new malicious instruction, which is then executed with root privileges. |
|---|
| Source | ⚠️ https://github.com/master-abc/cve/issues/28 |
|---|
| User | jiefengliang (UID 93721) |
|---|
| Submission | 01/28/2026 17:42 (3 months ago) |
|---|
| Moderation | 02/07/2026 09:29 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 344859 [D-Link DIR-823X 250416 set_static_route_table sub_4175CC interface/destip/netmask/gateway/metric os command injection] |
|---|
| Points | 20 |
|---|