Impact
A remote attacker can manipulate the terminal_addr, server_ip, or server_port parameters in the /goform/set_server_settings configuration interface, causing the router to execute arbitrary operating system commands. This creates a severe remote command execution vulnerability that could compromise the router’s integrity, confidentiality, and availability. The flaw arises from an unsanitized input handling, classified under CWE-77 and CWE-78.
Affected Systems
The flaw is present in D‑Link DIR‑823X routers running firmware 250416. Any device from the DIR‑823X family that has not applied a firmware update that addresses this issue remains vulnerable.
Risk and Exploitability
The CVSS score of 8.6 classifies the flaw as high severity, while the EPSS score of 4% indicates a moderate likelihood that exploitation may occur. The vulnerability can be triggered remotely over the network by sending crafted requests to the router’s web interface; publicly available proof‑of‑concept or exploit code is documented. The vulnerability is not yet listed in the CISA KEV catalog, but the high impact warrants proactive mitigation.
OpenCVE Enrichment