What is the CVSS score of CVE-2025-29635?

CVE-2025-29635 has a CVSS 3.1 base score of 7.2 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 1.6%.

Which versions of D-Link are affected by CVE-2025-29635?

Organizations using A command injection vulnerability in D-Link DIR-823X 240126 and 240802 face significant risk from CVE-2025-29635, a command injection vulnerability rated CVSS 8.8.

Is there a public PoC exploit available for CVE-2025-29635?

Yes, a public proof-of-concept exploit is available for CVE-2025-29635. Prioritise patching immediately. EPSS: 1.6%.

How to fix or mitigate CVE-2025-29635?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Validate that input sanitization is in place for all user-controlled parameters.

D-Link CVE-2025-29635

HIGH

Command Injection (CWE-77)

2025-03-25 cve@mitre.org

Command Injection D-Link

7.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Added to CISA KEV

Apr 24, 2026 - 18:01 CISA

Re-analysis Queued

Apr 24, 2026 - 14:22 vuln.today

cvss_changed

CVSS changed

Apr 24, 2026 - 14:22 NVD

8.8 (HIGH) 7.2 (HIGH)

Analysis Generated

Mar 28, 2026 - 18:33 vuln.today

PoC Detected

Apr 03, 2025 - 17:35 vuln.today

Public exploit code

CVE Published

Mar 25, 2025 - 14:15 nvd

HIGH 8.8

DescriptionNVD

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution.

AnalysisAI

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Command Injection (CWE-77), which allows attackers to inject arbitrary commands into system command execution. A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution. Affected products include: Dlink Dir-823X Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized APIs, avoid shell execution, validate input with strict allowlists.