CVE-2025-55581

D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrity, origin, or permissions. An attacker with filesystem access (e.g., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. The issue stems from improper handling of executable trust and absence of integrity checks in the watchdog logic.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://cybermaya.in/posts/Post-42/	Third Party Advisory Exploit
https://legacy.us.dlink.com/pages/product.aspx?id=f9c0458bfe7b4ff3bf7fad1cf6fcc9a1	Product
https://www.dlink.com/en/security-bulletin/	Not Applicable

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:dlink:dcs-825l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dcs-825l:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-08-22 18:15

Updated : 2025-09-12 19:16

NVD link : CVE-2025-55581

Mitre link : CVE-2025-55581

CVE.ORG link : CVE-2025-55581

JSON object : View

Products Affected

dlink

dcs-825l_firmware
dcs-825l

CWE

CWE-269

Improper Privilege Management

CWE-306

Missing Authentication for Critical Function

CWE-494

Download of Code Without Integrity Check

{"id": "CVE-2025-55581", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.5, "exploitabilityScore": 1.8}]}, "published": "2025-08-22T18:15:35.857", "references": [{"url": "https://cybermaya.in/posts/Post-42/", "tags": ["Third Party Advisory", "Exploit"], "source": "[email protected]"}, {"url": "https://legacy.us.dlink.com/pages/product.aspx?id=f9c0458bfe7b4ff3bf7fad1cf6fcc9a1", "tags": ["Product"], "source": "[email protected]"}, {"url": "https://www.dlink.com/en/security-bulletin/", "tags": ["Not Applicable"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-269"}, {"lang": "en", "value": "CWE-306"}, {"lang": "en", "value": "CWE-494"}]}], "descriptions": [{"lang": "en", "value": "D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrity, origin, or permissions. An attacker with filesystem access (e.g., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. The issue stems from improper handling of executable trust and absence of integrity checks in the watchdog logic."}, {"lang": "es", "value": "La versi\u00f3n de firmware 1.08.01 de la D-Link DCS-825L y posiblemente versiones anteriores contienen una implementaci\u00f3n insegura en el script mydlink-watch-dog.sh. Este script monitoriza y regenera los binarios `dcp` y `signalc` sin validar su integridad, origen ni permisos. Un atacante con acceso al sistema de archivos (por ejemplo, mediante UART o modificaci\u00f3n del firmware) podr\u00eda reemplazar estos binarios para ejecutar c\u00f3digo arbitrario de forma persistente con privilegios de root. El problema se debe a una gesti\u00f3n incorrecta de la confianza de los ejecutables y a la ausencia de comprobaciones de integridad en la l\u00f3gica del watchdog."}], "lastModified": "2025-09-12T19:16:37.020", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-825l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C7A65BD-87B7-478A-8416-1196C8C3B9C6", "versionEndIncluding": "1.08.01"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-825l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "465C691A-5068-474F-9BCF-D3CD99388EE4"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}