CVE-2025-10634

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X versions 240126, 240802, and 250416

Description A weakness exists in the Environment Variable Handler component of the D-Link DIR-823X router. Manipulation of the terminal addr, server ip, or server port argument within the sub 412E7C function of the /usr/sbin/goahead file can lead to command injection. This issue can be exploited remotely. The exploit has been made publicly available.

Recommendations D-Link DIR-823X version 240126: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DIR-823X version 240802: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DIR-823X version 250416: At the moment, there is no information about a newer version that contains a fix for this vulnerability.