Home / Vulnerability Intelligence / CVE-2025-29165

CVE-2025-29165 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: March 6, 2026

D-Link DIR-1253 MESH - Privilege Escalation

Published: March 5, 2026Updated: March 6, 2026Remote Exploitable

Overview

D-Link DIR-1253 MESH V1.6.1684 contains a privilege escalation caused by vulnerability in etc/shadow.sample component, letting attackers escalate privileges, exploit requires unspecified conditions.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 3.9%(Probability of exploitation in next 30 days)

Impact

Attackers can escalate their privileges, potentially gaining unauthorized administrative access.

Mitigation

Update to the latest version or apply vendor patches.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 7, 2026

🔴 CVE-2025-29165 - Critical (9.8) An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component 🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-29165/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2025-29165
Severity: Critical
CVSS Score: 9.8
Type: broken_access_control
Status: new
EPSS: 3.9%
Social Posts: 1

CWE

CWE-269

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

3.9%Probability of exploitation in the next 30 days