CVE-2025-60698

Name of the Vulnerable Software and Affected Versions D-Link DIR-882 Router firmware version DIR882A1 FW102B02

Description A command injection issue exists in the D-Link DIR-882 Router firmware. The sub 432F60 function within the prog.cgi binary stores user-supplied SetSysLogSettings/IPAddress values in NVRAM using nvram safe set("SysLogRemote IPAddress", ...). Subsequently, the sub 448DCC function in the rc binary retrieves these values using nvram safe get and incorporates them into a shell command executed via twsystem() without proper sanitization. An unauthenticated remote attacker can exploit this to execute arbitrary commands on the device by sending specially crafted HTTP requests to the router's web interface. The vulnerable binaries are prog.cgi and rc.

Recommendations Update to a newer version of the D-Link DIR-882 Router firmware that addresses this issue.