CVE-2025-55582
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-27

Last updated on: 2025-09-09

Assigner: MITRE

Description
D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script `mydlink-watch-dog.sh`, which blindly respawns binaries such as `dcp` and `signalc` without verifying integrity, authenticity, or permissions. An attacker with local filesystem access (via physical access, firmware modification, or debug interfaces) can replace these binaries with malicious payloads. The script executes these binaries as root in an infinite loop, leading to persistent privilege escalation and arbitrary code execution. This issue is mitigated in v1.09.02, but the product is officially End-of-Life and unsupported.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-27
Last Modified
2025-09-09
Generated
2026-05-07
AI Q&A
2025-08-27
EPSS Evaluated
2026-05-05
NVD
CVE-2025-55582
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
dlink dcs-825l_firmware 1.08.01
dlink dcs-825l *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-269 The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
CWE-494 The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the D-Link DCS-825L firmware version 1.08.01 within the watchdog script 'mydlink-watch-dog.sh'. The script respawns certain binaries like 'dcp' and 'signalc' without checking their integrity, authenticity, or permissions. An attacker who gains local filesystem access can replace these binaries with malicious versions. Since the script runs these binaries as root repeatedly, this allows the attacker to execute arbitrary code with root privileges persistently.


How can this vulnerability impact me? :

If exploited, this vulnerability can lead to persistent privilege escalation and arbitrary code execution on the affected device. An attacker with local access can gain root-level control, potentially compromising the device's security, stability, and confidentiality of data handled by the device.


What immediate steps should I take to mitigate this vulnerability?

Since the vulnerability is fixed in firmware version v1.09.02, the immediate step is to upgrade the device firmware to v1.09.02 or later if possible. However, as the product is officially End-of-Life and unsupported, if upgrading is not possible, restrict local filesystem access by limiting physical access, disabling debug interfaces, and preventing unauthorized firmware modifications to mitigate exploitation risk.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart