Exposures › CVE-2025-29635
D-Link DIR-823X router allows remote command execution via POST request to /goform/set_prohibiting endpoint.
This command injection vulnerability enables remote code execution on D-Link DIR-823X devices, which are often deployed in unsecured IoT environments. DIB organizations must immediately revoke access to these devices and replace them with patched hardware to prevent unauthorized access to internal networks. The vendor has not provided a patch, and the product is potentially end-of-life, leaving organizations exposed to lateral movement attacks.
Shame score — A critical RCE vulnerability in a widely deployed consumer router that is potentially end-of-life, with no vendor patch available.
D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
No correlated FedRAMP products.