CVE-2025-29635 · HIGH 7.2 · CISA KEV · EPSS p98.2%

CVE-2025-29635: D-Link DIR-823X Command Injection Vulnerability

D-Link / DIR-823X

Description

D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

Scoring

CVSS 3.1: 7.2 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 35.15% probability of exploitation · percentile 98.2% · 2026-06-18T12:00:27Z
Published: 2025-03-25
Last modified: 2026-04-24

CISA KEV entry

Added to KEV: 2026-04-24

Underlying weaknesses · 1

CWE-77

References

  1. https://github.com/mono7s/Dir-823x/blob/main/set_prohibiting/set_prohibiting.md
  2. https://www.akamai.com/blog/security-research/2026/apr/cve-2025-29635-mirai-campaign-targets-d-link-devices
  3. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-29635

1

Type | Target | Confidence | Tier
Weakness | Improper Neutralization of Special Elements used in a Command ('Command Injection') (cwe-77) | 0% | live

(incoming) · 1

Type | Target | Confidence | Tier
KEVEntry | D-Link DIR-823X Command Injection Vulnerability (kev-cve-2025-29635) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2025-11095
CVE: CVE-2025-11097
CVE: CVE-2025-11099
CVE: CVE-2025-10123
CVE: CVE-2026-1544
CVE: CVE-2025-11098
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.