CVE-2025-55581

CVSS v3.1

7.3

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions: D-Link DCS-825L firmware versions prior to 1.08.01

Description: The D-Link DCS-825L firmware contains an insecure implementation in the mydlink-watch-dog.sh script. This script monitors and restarts the dcp and signalc binaries without verifying their integrity, origin, or permissions. An attacker gaining filesystem access can replace these binaries to execute arbitrary code persistently with root privileges. The issue arises from a lack of executable trust and integrity checks within the watchdog logic.

Recommendations: Update to a firmware version newer than 1.08.01. As a temporary workaround, restrict filesystem access to prevent unauthorized modification of the dcp and signalc binaries.

Exploit

Fix

Missing Authentication

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306CWE-494CWE-269

Related Identifiers

BDU:2025-12533

CVE-2025-55581

Affected Products

Dcs-825L

CVE-2025-55581

Weakness Enumeration

Related Identifiers

Affected Products

References · 10