VYPR
Medium severity6.3NVD Advisory· Published Sep 18, 2025· Updated Apr 29, 2026

CVE-2025-10634

CVE-2025-10634

Description

A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub_412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminal_addr/server_ip/server_port causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:o:dlink:dir-823x_firmware:240126:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:dlink:dir-823x_firmware:240126:*:*:*:*:*:*:*
    • cpe:2.3:o:dlink:dir-823x_firmware:240802:*:*:*:*:*:*:*
    • cpe:2.3:o:dlink:dir-823x_firmware:250416:*:*:*:*:*:*:*
  • Dlink/DIR823Gllm-fuzzy
    Range: 240126, 240802, 250416

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.