Loading…

Cookies and privacy

We use strictly necessary cookies to run the site. With your permission we also load Vercel Web Analytics and Speed Insights to measure traffic and performance in aggregate. See our Cookie Policy and Privacy Policy.

CVE-2025-29635: D-Link DIR-823X Command Injection Vulnerability · Scorifya

CVE detail

CVE-2025-29635: D-Link DIR-823X Command Injection Vulnerability

Source: CISA Known Exploited Vulnerabilities catalog · back to feed

Vendor / product

D-Link · DIR-823X

Date added (KEV): Apr 24, 2026
CISA due date: May 08, 2026
Ransomware campaign use: Unknown

Required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Vendor fix: Vendor advisory

Scorifya interpretation

AI-generated

A short, structured read of the record above — generated when this page first loads, then cached for a week.

Plain English

Technical detail

From CISA

D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10469 ; https://nvd.nist.gov/vuln/detail/CVE-2025-29635

References

https://github.com/mono7s/Dir-823x/blob/main/set_prohibiting/set_prohibiting.mdExploitThird Party AdvisoryBroken Link
https://www.akamai.com/blog/security-research/2026/apr/cve-2025-29635-mirai-campaign-targets-d-link-devicesExploitThird Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-29635US Government Resource

Other recent CVEs from D-Link

CVE-2022-37055Routers — D-Link Routers Buffer Overflow Vulnerability
CVE-2020-25078DCS-2530L and DCS-2670L Devices — D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability
CVE-2020-25079DCS-2530L and DCS-2670L Devices — D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability
CVE-2022-40799DNR-322L — D-Link DNR-322L Download of Code Without Integrity Check Vulnerability
CVE-2024-0769DIR-859 Router — D-Link DIR-859 Router Path Traversal Vulnerability

Check your domain's public posture

Scorifya doesn't test for specific CVEs, but if patching D-Link changed your headers or TLS, a fresh hardening scan helps confirm nothing regressed externally.

Run a free scan Methodology