CVE-2025-29635

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X versions 240126 and 240802

Description A command injection issue exists due to insufficient data sanitization at the control level. An authorized remote attacker can execute arbitrary commands on the device by sending a POST request to the '/goform/set prohibiting' endpoint. This flaw is being actively exploited by a Mirai-based malware campaign to conscript routers into a botnet for launching large-scale attacks on websites and services.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.