CVE-2025-29635 enables authenticated command injection against D-Link DIR-823X routers through malformed POST requests to /goform/set_prohibiting endpoint. Arbitrary command execution was confirmed on affected units, though product lifecycle status suggests EoL/EoS designation. CISA KEV listing indicates active exploitation observed in operational environments. Immediate device retirement is recommended given absence of vendor patching commitment for discontinued hardware.