{"vulnerability": "CVE-2025-29635", "sightings": [{"uuid": "755c784c-1921-42d5-a772-2c14e77160e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll7q2zfffq2j", "content": "", "creation_timestamp": "2025-03-25T16:49:44.557202Z"}, {"uuid": "f6126f43-a42f-48db-a096-2f92f14d0df3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mk6kqhf6ss2d", "content": "", "creation_timestamp": "2026-04-23T17:42:42.368574Z"}, {"uuid": "5d710fb2-184a-49db-882c-9c7f98d99d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "exploited", "source": "https://t.me/BleepingComputer/24518", "content": "\u200aNew Mirai campaign exploits RCE flaw in EoL D-Link routers\n\nA new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet. [...]\n\nhttps://www.bleepingcomputer.com/news/security/new-mirai-campaign-exploits-rce-flaw-in-eol-d-link-routers/", "creation_timestamp": "2026-04-22T20:16:21.000000Z"}, {"uuid": "d687d5b1-4b71-493d-a835-6c6d547c2bee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "exploited", "source": "https://t.me/ctinow/249198", "content": "Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers\nhttps://ift.tt/fD7Le5k", "creation_timestamp": "2026-04-22T18:04:27.000000Z"}, {"uuid": "5daf19c3-ae87-4268-9177-5eeeabccd4a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://gist.github.com/stone776/62caf070c1c841dbb439acee42f962a2", "content": "", "creation_timestamp": "2026-04-25T08:28:28.000000Z"}, {"uuid": "9a814a15-b6bf-4152-a0fd-aa818c219403", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mk44vdcb7624", "content": "", "creation_timestamp": "2026-04-22T18:29:34.718552Z"}, {"uuid": "66a86efb-8733-4ef9-aa04-72f4f8f2fca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mk45tuketq27", "content": "", "creation_timestamp": "2026-04-22T18:46:39.126116Z"}, {"uuid": "44df19ed-96a1-4c2c-8dd3-fbdbdb2e3d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3mk4ca4xuiz2l", "content": "", "creation_timestamp": "2026-04-22T20:05:05.716051Z"}, {"uuid": "98b86aad-7d49-4e95-93bc-446ae5a4375c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mk4fgt2shf2g", "content": "", "creation_timestamp": "2026-04-22T21:02:32.693052Z"}, {"uuid": "3a22fe84-1689-402a-b8df-1446d8bfa4a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mk4htdnv6d2x", "content": "", "creation_timestamp": "2026-04-22T21:45:18.915371Z"}, {"uuid": "4315c353-aca4-4ba2-95fa-ac98b928d641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mk4nny6jky24", "content": "", "creation_timestamp": "2026-04-22T23:29:41.246831Z"}, {"uuid": "3b691cda-2225-4194-bb49-0a3487b2b2ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mk4pf43qdo2u", "content": "", "creation_timestamp": "2026-04-23T00:00:31.119595Z"}, {"uuid": "439ae2cf-12cf-4a40-9606-e776c90cb5b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/pvynckier.bsky.social/post/3mk5d2p7vvk2d", "content": "", "creation_timestamp": "2026-04-23T05:52:39.519657Z"}, {"uuid": "373c6040-3583-4927-aa3c-5f11c77f806a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-29635", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mk5eogpfv22w", "content": "", "creation_timestamp": "2026-04-23T06:21:32.415969Z"}, {"uuid": "f8c71c32-6a31-4779-b899-49bf6890e646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mk6womi3ok2d", "content": "", "creation_timestamp": "2026-04-23T21:16:26.050470Z"}, {"uuid": "591edccb-4156-4807-a4c3-1f8eb7b696e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116460864002205112", "content": "", "creation_timestamp": "2026-04-24T17:29:19.051142Z"}, {"uuid": "4e15a064-bcab-4981-b780-2b6345cb2323", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116460946332281703", "content": "", "creation_timestamp": "2026-04-24T17:50:15.178049Z"}, {"uuid": "b6d31a2a-e54b-438c-a5c3-27fa95191611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mkb3npe6wg27", "content": "", "creation_timestamp": "2026-04-24T17:50:43.073230Z"}, {"uuid": "7cbf7320-49cd-45c3-86e5-a15e885675ab", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-29635", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1bcb64f7-0cf2-44a0-9e0e-c0cf67742404", "content": "", "creation_timestamp": "2026-04-24T18:00:01.887431Z"}, {"uuid": "63088775-ea56-4a0b-9531-b2cde874cc4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mk7iw463ccrs", "content": "", "creation_timestamp": "2026-04-24T02:43:01.928738Z"}, {"uuid": "28053d07-cd55-4ab8-874b-96d504153df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-29635", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mka2u3nqukrs", "content": "", "creation_timestamp": "2026-04-24T08:04:03.063912Z"}, {"uuid": "25535be0-d91a-4458-a9e3-95645b736b79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6334753", "content": "", "creation_timestamp": "2026-04-24T19:38:38.814244Z"}, {"uuid": "78acbf9a-533d-42ed-90b0-7601c99e326b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/116453675237302014", "content": "", "creation_timestamp": "2026-04-23T11:01:06.714166Z"}, {"uuid": "f2d5dee7-5424-4902-96a5-a8b9f22db1b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8651", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29635\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution.\n\ud83d\udccf Published: 2025-03-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T13:03:40.937Z\n\ud83d\udd17 References:\n1. https://github.com/mono7s/Dir-823x/blob/main/set_prohibiting/set_prohibiting.md", "creation_timestamp": "2025-03-25T13:23:59.000000Z"}, {"uuid": "b8383176-82fa-4989-92ef-31aaba199cb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mkiwjvrbw223", "content": "", "creation_timestamp": "2026-04-27T20:40:28.288429Z"}, {"uuid": "51e289a4-62c5-4e54-b7f0-0c6ec57dd8c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mkdwuk7fub2g", "content": "", "creation_timestamp": "2026-04-25T21:03:11.947456Z"}, {"uuid": "786be539-928e-4455-b8de-606bd0252bef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mklqqlpops2w", "content": "", "creation_timestamp": "2026-04-28T23:34:46.745915Z"}, {"uuid": "5e6e52ae-90b8-4791-90e4-138c353c4fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "exploited", "source": "Telegram/47EgD6HRFdjL8lSrN_oseytw7Re77bEJzRFd7eCT8rFsEpNY", "content": "", "creation_timestamp": "2026-04-22T18:10:04.000000Z"}, {"uuid": "b3defa14-7500-459d-89b2-f2609cc443eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-29635", "type": "seen", "source": "https://infosec.exchange/users/threatcodex/statuses/116499431109566275", "content": "Mirai Turns Unsupported D-Link Routers into DDoS Weapons Using CVE-2025-29635#CVE_2025_29635 #Mirai https://www.secpod.com/blog/mirai-turns-unsupported-d-link-routers-into-ddos-weapons-using-cve-2025-29635/", "creation_timestamp": "2026-05-01T12:57:28.740903Z"}, {"uuid": "275a78f8-a958-4684-89ed-9177688c020e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "seen", "source": "https://t.me/cvedetector/21109", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29635 - D-Link DIR-823X Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29635 \nPublished : March 25, 2025, 2:15 p.m. | 1\u00a0hour, 46\u00a0minutes ago \nDescription : A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:20.000000Z"}, {"uuid": "1b72d544-07ea-4849-83ca-e0663b402b8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29635", "type": "published-proof-of-concept", "source": "Telegram/4yRTt9dy-kSa9hw9IvAX8xqiMQA60h8go96Ck2HC1in5CKw", "content": "", "creation_timestamp": "2025-03-25T17:30:48.000000Z"}]}