CVE-2025-29635 - D-Link

Published on 25 April 2026 by Benjamin Upton. Updated on 9 January 2026.

Information

CVSS Score: 8.8 High
Exploited flaw: Yes
PoC: Yes
IoC: Yes

A command injection vulnerability in D-Link DIR-823X routers allows an authenticated attacker to execute arbitrary code by sending specially crafted requests.

Type of vulnerability

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

Risks

Remote code execution

Criticality (CVSS v3.1 base score)

Attack vector: Network
Attack complexity: Low
Privileges required: Low
User interaction: None
Scope: Unchanged
Impact on confidentiality: High
Impact on integrity: High
Impact on availability: High

Impacted products

  • D-Link DIR-823X versions 240126 and 240802

Recommendations

D-Link DIR-823X routers reached end of service in November 2024. Additional information is available in D-Link’s advisory.

Proof of concept

A proof of concept is available in open source.

Resources