D-Link DIR-823X OS Command Injection Vulnerability

A critical command injection vulnerability has been identified in the D-Link DIR-823X router, specifically in the 250416 firmware version. The issue arises in the function 'sub_41E2A0' within the '/goform/set_mode' endpoint. The vulnerability allows remote attackers to inject operating system commands by manipulating the 'lan_gateway' parameter. This exploitation is possible because the router's firmware is no longer supported by the manufacturer.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the device's operating system.

Reproduction

To reproduce this vulnerability, log into the router's web interface and navigate to the '/goform/set_mode' endpoint. Inject a command through the 'lan_gateway' parameter, which will be executed on the system. This can be automated with a script that handles the login process and token management.