Unrated severityNVD Advisory· Published Feb 7, 2025· Updated Feb 7, 2025

D-Link DIR-823X HTTP POST Request set_wifi_blacklists null pointer dereference

CVE-2025-1103

Description

A vulnerability, which was classified as problematic, was found in D-Link DIR-823X 240126/240802. This affects the function set_wifi_blacklists of the file /goform/set_wifi_blacklists of the component HTTP POST Request Handler. The manipulation of the argument macList leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Affected products

Dlink/DIR-823xllm-fuzzy2 versions
= 240126 / 240802+ 1 more
- (no CPE)range: = 240126 / 240802
- (no CPE)range: 240126

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tasty-foxtrot-3a8.notion.site/D-link-DIR-823X-set_wifi_blacklists-Vulnerability-1870448e619580e5bf09cf628692f7a9mitreexploit
vuldb.commitrethird-party-advisory
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description
www.dlink.commitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000