This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2025-29635: D-Link DIR-823X Command Injection Vulnerability
Summary
The D-Link DIR-823X router has a command injection vulnerability (CVE-2025-29635), which means an attacker with authorized access can send specially crafted requests to execute arbitrary commands on the device. This vulnerability is actively being exploited in real attacks, and the affected product may no longer receive support from the vendor.
Solution / Mitigation
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-05-08. See D-Link support announcement at https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10469
Vulnerability Details
EPSS: 1.3%
Yes
Actively Exploited
April 23, 2026
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-29635
First tracked: April 24, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%