CNNVD-202509-1853 Information

Sep 14, 2025 cve

CNNVD ID

CNNVD-202509-1853

CVE-2025-10401

CNNVD Published: 2025-09-14

Description (Chinese)

D-Link DIR-823X是中国友讯（D-Link）公司的一款无线路由器。 D-Link DIR-823x 250416及之前版本存在命令注入漏洞，该漏洞源于对文件/goform/diag_ping中参数target_addr的错误操作，可能导致命令注入攻击。

Description (English)

D-Link DIR-823X is a wireless router of D-Link. The D-Link DIR-823x 250416 and previous versions had a command-injecting loophole, which stemmed from an error in the parameter target addr in the document/goform/diag ping, which could lead to an order-injection attack.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

D3D

Published

2025-09-14

Last Modified

2026-02-24

References

https://github.com/Cpppq43/D-Link/blob/main/D-Link%20DIR-823X%20AX3000.md https://vuldb.com/?ctiid.323836 https://vuldb.com/?id.323836 https://vuldb.com/?submit.646761 https://www.dlink.com/ https://access.redhat.com/security/cve/cve-2025-10401

Share on: