ID

VAR-202508-2757


CVE

CVE-2025-55581


TITLE

Privilege management vulnerability in D-Link Corporation DCS-825L firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-013941

DESCRIPTION

D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrity, origin, or permissions. An attacker with filesystem access (e.g., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. The issue stems from improper handling of executable trust and absence of integrity checks in the watchdog logic. The D-Link Corporation DCS-825L firmware contains vulnerabilities related to privilege management, lack of authentication for critical functions, and insufficient integrity verification of downloaded code. Information may be obtained, information may be tampered with, and a denial-of-service (DoS) condition may result.

Trust: 1.62

sources: NVD: CVE-2025-55581 // JVNDB: JVNDB-2025-013941

AFFECTED PRODUCTS

vendor: dlink, model: dcs-825l, scope: lte, version: 1.08.01

Trust: 1.0

vendor: d link, model: dcs-825l, scope: lte, version: dcs-825l firmware 1.08.01 and earlier

Trust: 0.8

vendor: d link, model: dcs-825l, scope: -, version: -

Trust: 0.8

vendor: d link, model: dcs-825l, scope: eq, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2025-013941 // NVD: CVE-2025-55581

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-55581
value: HIGH

Trust: 1.0

OTHER: JVNDB-2025-013941
value: HIGH

Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-55581
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: LOW
exploitabilityScore: 1.8
impactScore: 5.5
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-013941
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2025-013941 // NVD: CVE-2025-55581

PROBLEMTYPE DATA

problemtype:CWE-494

Trust: 1.0

problemtype:CWE-269

Trust: 1.0

problemtype:CWE-306

Trust: 1.0

problemtype:Improper authority management (CWE-269) [ others ]

Trust: 0.8

problemtype: Lack of authentication for critical features (CWE-306) [ others ]

Trust: 0.8

problemtype: Incomplete integrity verification of downloaded code (CWE-494) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-013941 // NVD: CVE-2025-55581

EXTERNAL IDS

db: NVD, id: CVE-2025-55581

Trust: 2.6

db: JVNDB, id: JVNDB-2025-013941

Trust: 0.8

sources: JVNDB: JVNDB-2025-013941 // NVD: CVE-2025-55581

REFERENCES

url:https://cybermaya.in/posts/post-42/

Trust: 1.8

url:https://legacy.us.dlink.com/pages/product.aspx?id=f9c0458bfe7b4ff3bf7fad1cf6fcc9a1

Trust: 1.8

url:https://www.dlink.com/en/security-bulletin/

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2025-55581

Trust: 0.8

sources: JVNDB: JVNDB-2025-013941 // NVD: CVE-2025-55581

SOURCES

db: JVNDB, id: JVNDB-2025-013941
db: NVD, id: CVE-2025-55581

LAST UPDATE DATE

2025-09-20T23:12:52.452000+00:00


SOURCES UPDATE DATE

db: JVNDB, id: JVNDB-2025-013941, date: 2025-09-16T23:33:00
db: NVD, id: CVE-2025-55581, date: 2025-09-12T19:16:37.020

SOURCES RELEASE DATE

db: JVNDB, id: JVNDB-2025-013941, date: 2025-09-17T00:00:00
db: NVD, id: CVE-2025-55581, date: 2025-08-22T18:15:35.857