THREAT OPS › CVEs › CVE-2023-25280
CVE-2023-25280 — D-Link DIR-820 Router OS Command Injection Vulnerability
D-Link DIR-820 routers contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.
Vulnerability details
- Affected productsDIR-820 Router
- KEV remediation due2024-10-21