Teams Malware Deployment Possible via Browser Cache Smuggling
March 25, 2025Rilide Malware: A Malicious Browser Extension Targeting Chrome And Edge Users for Credential Theft – Active IOCs
March 25, 2025Teams Malware Deployment Possible via Browser Cache Smuggling
March 25, 2025Rilide Malware: A Malicious Browser Extension Targeting Chrome And Edge Users for Credential Theft – Active IOCs
March 25, 2025Severity
Medium
Analysis Summary
CVE-2025-2717
A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126/240802. This issue affects the function sub_41710C of the file /goform/diag_nslookup of the component HTTP POST Request Handler. The manipulation of the argument target_addr leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Impact
- Gain Access
Indicators of Compromise
CVE
CVE-2025-2717
Affected Vendors
- D-Link
Affected Products
- D-Link DIR-823X - 240126 - 240802
Remediation
Refer to D-Link Website for patch, upgrade, or suggested workaround information.