Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-55581

D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrity, origin, or permissions. An attacker with filesystem access (e.g., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. The issue stems from improper handling of executable trust and absence of integrity checks in the watchdog logic.

Published

2025-08-22T18:15:35.857

Last Modified

2025-09-12T19:16:37.020

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.3 (HIGH)

Weaknesses

Type: Secondary
CWE-269
CWE-306
CWE-494

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dlink	dcs-825l_firmware	≤ 1.08.01	Yes
Hardware	dlink	dcs-825l	-	No

References

https://cybermaya.in/posts/Post-42/ Exploit, Third Party Advisory ([email protected])
https://legacy.us.dlink.com/pages/product.aspx?id=f9c0458bfe7b4ff3bf7fad1cf6fcc9a1 Product ([email protected])
https://www.dlink.com/en/security-bulletin/ Not Applicable ([email protected])