Description
An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component
Published: 2026-03-05
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

An attacker can exploit a flaw in the etc/shadow.sample component of the D-Link DIR-1253 MESH firmware to gain elevated privileges within the device. The vulnerability permits escalation of authority from a lower‑privileged user context to full system control, allowing the attacker to alter configuration, install persistent malware, or disable security controls. The weakness maps to CWE‑269, indicating that the system fails to enforce proper privilege boundaries.

Affected Systems

The issue affects D‑Link DIR‑1253 MESH devices running firmware version 1.6.1684. No other vendor or product variants are listed; the vulnerability appears specific to this model and firmware build.

Risk and Exploitability

EPSS score < 1% indicates a very low probability of exploitation. The CVSS score of 9.8 indicates a critical severity. The reported vulnerability could allow full control over the router, compromising network security and enabling further attacks against connected devices.

Generated by OpenCVE AI on April 20, 2026 at 20:48 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to the latest version released by D‑Link, which addresses the privilege‑escalation flaw.
  • If a firmware update is not immediately available, force a factory reset to clear any compromised configuration and block all unused management ports.
  • Configure the router’s access control list to restrict management access to trusted IP ranges and enforce strong authentication, mitigating potential misuse of the affected component.

Generated by OpenCVE AI on April 20, 2026 at 20:48 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 21:15:00 +0000

Type Values Removed Values Added
Title Privilege Escalation via /etc/shadow.sample on D-Link DIR-1253

Fri, 20 Mar 2026 18:30:00 +0000

Type Values Removed Values Added
References

Fri, 06 Mar 2026 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dir-1253
Vendors & Products Dlink
Dlink dir-1253

Fri, 06 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-269
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 05 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Description An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component
References

Subscriptions

Dlink Dir-1253
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-09T16:12:22.216Z

Reserved: 2025-03-11T00:00:00.000Z

Link: CVE-2025-29165

cve-icon Vulnrichment

Updated: 2026-03-06T10:05:34.031Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-05T20:16:10.920

Modified: 2026-03-20T19:16:12.397

Link: CVE-2025-29165

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T21:00:12Z

Weaknesses