CVE-2025-55581

HIGH EPSS 6.1%

Published Aug 22, 202510mo ago · Modified Jun 17, 20261w ago

7.3 CVSS 3.1

High

Published Aug 22, 2025 10mo ago

Last Modified Jun 17, 2026 1w ago

Description

D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrity, origin, or permissions. An attacker with filesystem access (e.g., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. The issue stems from improper handling of executable trust and absence of integrity checks in the watchdog logic.

CVSS Details

Base Score

7.3

Exploitability

1.8

Impact

5.5

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

Attack Vector Local

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability Low

Threat Intelligence

EPSS Exploit Probability

6.1% percentile

Exploit & Patch Status

Public Exploit Known

No Patch Available

Weaknesses 3

CWE-269 Improper Privilege Management Authorization

CWE-306 Missing Authentication for Critical Function Authentication

CWE-494

Affected Products 2

Vendor	Product	Version	Range
dlink	dcs-825l_firmware	*	≤1.08.01
dlink	dcs-825l	*	any

References 3

cybermaya.in https://cybermaya.in/posts/Post-42/

ExploitThird Party Advisory
legacy.us.dlink.com https://legacy.us.dlink.com/pages/product.aspx?id=f9c0458bfe7b4ff3bf7fad1cf6fcc9a1

Product
dlink.com https://www.dlink.com/en/security-bulletin/

Not Applicable

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.