Impact
The vulnerability resides in the sub_420688 routine of the /goform/set_qos handler in D‑Link DIR‑823X firmware 250416. A crafted request to this endpoint can inject arbitrary operating‑system commands, which may lead to full remote code execution on the device and compromise confidentiality, integrity, and availability. The weakness involves improper input handling (CWE‑77, CWE‑78).
Affected Systems
Affected devices are D‑Link DIR‑823X routers running firmware image 250416. No other firmware revisions are listed as impacted; the CVE references enumerate this specific build.
Risk and Exploitability
The CVSS score of 8.6 indicates high risk. The EPSS score is shown as 6%, but an exploit has already been publicly released, so the threat is real. The vulnerability is not yet listed in the CISA KEV catalog. Attackers can exploit it remotely by sending a crafted request to the /goform/set_qos endpoint, which results in operating‑system command execution.