CVE-2025-10634 – D-Link DIR-823X Environment Variable goahead sub_412E7C command injection

CVE ID : CVE-2025-10634

Published : Sept. 18, 2025, 2:15 a.m. | 44 minutes ago

Description : A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub_412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminal_addr/server_ip/server_port causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…