PT-2025-36565 · D-Link · Dir-823
Qmssdxn · Published 2025-09-02 · Updated 2025-09-14 · CVE-2025-10123
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
D-Link DIR-823X versions up to 250416
Description
A vulnerability exists in D-Link DIR-823X routers that allows for remote command injection. The vulnerability is located in the sub_415028 function of the /goform/set_static_leases file. Manipulation of the Hostname argument can lead to command injection, potentially granting unauthenticated attackers full device control. The exploit for this issue has been publicly disclosed.
Recommendations
D-Link DIR-823X versions up to 250416: Update the firmware to address the vulnerability.
D-Link DIR-823X versions up to 250416: Disable WAN administration access.
D-Link DIR-823X versions up to 250416: Restrict management access to the LAN.
Exploit
Fix
RCE
Special Elements Injection
Command Injection
Affected Products
Dir-823