CVE-2025-60671
MediumCVSS 5.4Exploitation Probability (EPSS)
Elevated risk67th percentile - higher than 67% of all known CVEs
Summary
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /var/system/linux_vlan_reinit file. The vulnerability occurs because content read from this file is only partially validated for a prefix and then formatted using vsnprintf() before being executed with system(), allowing an attacker with write access to /var/system/linux_vlan_reinit to execute arbitrary commands on the device.
Risk Assessment
An attacker with local filesystem access can gain full control over the router, altering its configuration, intercepting network traffic, or using it as a pivot point for further attacks within the network.
Recommendation
Immediately update the router firmware to the latest available version if a patch is released by the vendor. If no update is available, restrict physical and remote access to the device and monitor for unusual activity.
Original NVD description (English source)
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /var/system/linux_vlan_reinit file. The vulnerability occurs because content read from this file is only partially validated for a prefix and then formatted using vsnprintf() before being executed with system(), allowing an attacker with write access to /var/system/linux_vlan_reinit to execute arbitrary commands on the device.

