CNNVD-202509-3227 Information

CNNVD ID

CNNVD-202509-3227

Related CVE

CVE-2025-10814

• CNNVD Published: 2025-09-22

Description (Chinese)

D-Link DIR-823X是中国友讯（D-Link）公司的一款无线路由器。 D-Link DIR-823X 240126版本、240802版本和250416版本存在命令注入漏洞，该漏洞源于文件/usr/sbin/goahead中对参数port的错误操作，可能导致远程命令注入攻击。

Description (English)

D-Link DIR-823X is a wireless router of D-Link. D-Link DIR-823X 240126, 240802 and 250416 had a command-injecting loophole, which stemmed from the error in the parameter port in the document/usr/sbin/goahead and could lead to a remote command-injection attack.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

D3D

Published

2025-09-22

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.325172 https://vuldb.com/?id.325172 https://github.com/W1ngyu/cve/blob/main/DIink-DIR-823xgoformset_server_settings_command_execution_vulnerability.md https://vuldb.com/?submit.654452 https://www.dlink.com/ https://access.redhat.com/security/cve/cve-2025-10814