CVE-2025-29635 - Vulnerability Analysis
HighCVSS: 8.8Last Updated: April 24, 2026
Overview
A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution.
Severity & Score
Social Media Activity(7 posts)
đ¨ [CISA-2026:0424] CISA Adds 4 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0424) CISA has added 4 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. â ď¸ CVE-2024-57726 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-57726) - Name: SimpleHelp Missing Authorization Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: SimpleHelp - Product: SimpleHelp - Notes: https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier ; https://nvd.nist.gov/vuln/detail/CVE-2024-57726 â ď¸ CVE-2024-57728 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-57728) - Name: SimpleHelp Path Traversal Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: SimpleHelp - Product: SimpleHelp - Notes: https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier ; https://nvd.nist.gov/vuln/detail/CVE-2024-57728 â ď¸ CVE-2024-7399 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-7399) - Name: Samsung MagicINFO 9 Server Path Traversal Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: Samsung - Product: MagicINFO 9 Server - Notes: https://security.samsungtv.com/securityUpdates ; https://nvd.nist.gov/vuln/detail/CVE-2024-7399 â ď¸ CVE-2025-29635 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-29635) - Name: D-Link DIR-823X Command Injection Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: D-Link - Product: DIR-823X - Notes: https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10469 ; https://nvd.nist.gov/vuln/detail/CVE-2025-29635 #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260424 #cisa20260424 #cve_2024_57726 #cve_2024_57728 #cve_2024_7399 #cve_2025_29635 #cve202457726 #cve202457728 #cve20247399 #cve202529635
View original post
CVE ID: CVE-2025-29635 Vendor: D-Link Product: DIR-823X Date Added: 2026-04-24 CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-29635
View original post
đ° Mirai Botnet Exploits Critical Flaw in Discontinued D-Link Routers for DDoS Attacks đ¨ A new Mirai botnet campaign is exploiting a critical RCE flaw (CVE-2025-29635) in discontinued D-Link routers. The devices are EoL and will not be patched. Disconnect them now to prevent them from joining a DDoS botnet! #Mirai #Botnet #IoT #DLink đ https://cyber.netsecops.io/articles/mirai-botnet-exploits-flaw-in-discontinued-d-link-routers/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto
View original post
Broadcom has a new advisory for a critical vulnerability: Common Components and Services for z/OS 15.0 Vulnerability in CCS Apache Tomcat https://support.broadcom.com/web/ecx/security-advisory #Broadcom #Apache CISA has updated the KEV catalogue: - CVE-2024-57726: SimpleHelp Missing Authorization Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-57726 - CVE-2024-57728: SimpleHelp Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-57728 - CVE-2024-7399: Samsung MagicINFO 9 Server Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-7399 - CVE-2025-29635: D-Link DIR-823X Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-29635 #CISA #Samsung #DLink Cisco has two advisories for high-severity vulnerabilities: - CVE-2023-20185: Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-cloudsec-enc-Vs5Wn2sX - Informational, updated today: Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03 @TalosSecurity #Cisco #infosec #vulnerability
View original post
đ¨ [CISA-2026:0424] CISA Adds 4 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0424) CISA has added 4 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. â ď¸ CVE-2024-57726 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-57726) - Name: SimpleHelp Missing Authorization Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: SimpleHelp - Product: SimpleHelp - Notes: https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier ; https://nvd.nist.gov/vuln/detail/CVE-2024-57726 â ď¸ CVE-2024-57728 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-57728) - Name: SimpleHelp Path Traversal Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: SimpleHelp - Product: SimpleHelp - Notes: https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier ; https://nvd.nist.gov/vuln/detail/CVE-2024-57728 â ď¸ CVE-2024-7399 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-7399) - Name: Samsung MagicINFO 9 Server Path Traversal Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: Samsung - Product: MagicINFO 9 Server - Notes: https://security.samsungtv.com/securityUpdates ; https://nvd.nist.gov/vuln/detail/CVE-2024-7399 â ď¸ CVE-2025-29635 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-29635) - Name: D-Link DIR-823X Command Injection Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: D-Link - Product: DIR-823X - Notes: https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10469 ; https://nvd.nist.gov/vuln/detail/CVE-2025-29635 #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260424 #cisa20260424 #cve_2024_57726 #cve_2024_57728 #cve_2024_7399 #cve_2025_29635 #cve202457726 #cve202457728 #cve20247399 #cve202529635
View original post
CVE ID: CVE-2025-29635 Vendor: D-Link Product: DIR-823X Date Added: 2026-04-24 CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-29635
View original post
Broadcom has a new advisory for a critical vulnerability: Common Components and Services for z/OS 15.0 Vulnerability in CCS Apache Tomcat https://support.broadcom.com/web/ecx/security-advisory #Broadcom #Apache CISA has updated the KEV catalogue: - CVE-2024-57726: SimpleHelp Missing Authorization Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-57726 - CVE-2024-57728: SimpleHelp Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-57728 - CVE-2024-7399: Samsung MagicINFO 9 Server Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-7399 - CVE-2025-29635: D-Link DIR-823X Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-29635 #CISA #Samsung #DLink Cisco has two advisories for high-severity vulnerabilities: - CVE-2023-20185: Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-cloudsec-enc-Vs5Wn2sX - Informational, updated today: Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03 @TalosSecurity #Cisco #infosec #vulnerability
View original postRelated Resources
Details
- CVE ID
- CVE-2025-29635
- Severity
- High
- CVSS Score
- 8.8
- EPSS
- 125.0%
- Social Posts
- 7