PT-2025-46139 · Unknown · Malware Remover
Published
2025-11-10
·
Updated
2026-06-21
·
CVE-2025-11837
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Malware Remover versions prior to 6.6.8.20251023
Description
Improper control of code generation in the
malware remover component allows remote attackers to perform code injection and remote code execution. This flaw can be exploited to bypass protection mechanisms. In real-world incidents, the AryStinger botnet has utilized this and other flaws to compromise over 4,000 end-of-life D-Link routers, transforming them into a distributed scanning and proxy infrastructure for malicious traffic and hijacking DNS to intercept network traffic.Recommendations
Update to version 6.6.8.20251023 or later.
Fix
RCE
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Malware Remover