CVE-2023-25280

D-Link DIR-820 Router OS Command Injection Vulnerability

Description

D-Link DIR-820 routers contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.

Severity: CRITICAL

CVSS Score: 9.8

Vendor: D-Link

Product: DIR-820 Router