CVE-2025-29635 | THREATINT

Description

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution.

PUBLISHED Reserved 2025-03-11 | Published 2025-03-25 | Updated 2026-04-25 | Assigner mitre

CISA Known Exploited Vulnerability

Date added 2026-04-24 | Due date 2026-05-08

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

References

www.akamai.com/...9635-mirai-campaign-targets-d-link-devices third-party-advisory

www.cisa.gov/...erabilities-catalog?field_cve=CVE-2025-29635 government-resource

github.com/...x/blob/main/set_prohibiting/set_prohibiting.md

cve.org (CVE-2025-29635)

nvd.nist.gov (CVE-2025-29635)

Download JSON