CVE-2025-60700

Name of the Vulnerable Software and Affected Versions D-Link DIR-882 Router firmware versions prior to DIR882A1 FW102B02

Description A command injection issue exists in the D-Link DIR-882 Router firmware. The sub 4455BC function within the prog.cgi binary stores user-supplied SetDMZSettings/IPAddress values in NVRAM using nvram safe set("dmz ipaddr", ...). These values are later retrieved in the DMZ run function of librcm.so using nvram safe get and incorporated into iptables shell commands executed via twsystem() without proper sanitization. An unauthenticated remote attacker can exploit this to execute arbitrary commands on the device by sending specially crafted HTTP requests to the router's web interface. The vulnerable binaries include prog.cgi and librcm.so.

Recommendations Update the D-Link DIR-882 Router firmware to version DIR882A1 FW102B02 or later.