THREATOPS
THREAT OPSCVEs › CVE-2023-25280

CVE-2023-25280 — D-Link DIR-820 Router OS Command Injection Vulnerability

CISA KEVExploited: confirmedD-Link

D-Link DIR-820 routers contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.

Vulnerability details