QwikSec

Security Database

CVE

CWE

Training

CVE-2025-0492

Published: Jan 15, 2025

Modified: Feb 12, 2025

PUBLISHED

CVSS v3.1

7.5

HIGH

Description

A vulnerability has been found in D-Link DIR-823X 240126/240802 and classified as critical. Affected by this vulnerability is the function FUN_00412244. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Vendor	Product	Versions
D-Link	DIR-823X	affected `240126` affected `240802`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

References

VDB-291937 | D-Link DIR-823X FUN_00412244 null pointer dereference

vdb-entry

technical-description

VDB-291937 | CTI Indicators (IOB, IOC, IOA)

signature

permissions-required

Submit #475301 | D-Link DIR-823X 240126, 240802 NULL Pointer Dereference

third-party-advisory

https://tasty-foxtrot-3a8.notion.site/D-link-DIR-823X-FUN_00412244-NULL-Pointer-Dereference-1730448e619580fcb7f9d871c6e7190a

exploit

https://www.dlink.com/

product

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.