CVE-2023-25280CISA KEV: Actively Exploited

D-Link DIR-820 Router OS Command Injection Vulnerability

Published Sep 30, 2024·Updated Sep 30, 2024

Description

D-Link DIR-820 routers contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free