From 95953e9834a8041fba16b81b67c1a295cc117f38 Mon Sep 17 00:00:00 2001
From: zuhri <zphr@tuta.io>
Date: Sun, 14 Jun 2026 00:23:34 +0700
Subject: [PATCH 1/4] update: details, references

---
 .../GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json b/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
index a99fb9849e3c2..ab84daf864b63 100644
--- a/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
+++ b/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
@@ -6,7 +6,7 @@
   "aliases": [
     "CVE-2025-29165"
   ],
-  "details": "An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component",
+  "details": "D-Link DIR-1253 Prior version <= V1.6.1684 vulnerable to privilege escalation. The file affected at `etc/shadow.sample` contained a hardcoded root credential. These credentials are used in `var/shadow` by the following `init.d/rcS_{AP,GW}` boot script, this script is being execute when booting process is start.",
   "severity": [
     {
       "type": "CVSS_V3",
@@ -15,6 +15,10 @@
   ],
   "affected": [],
   "references": [
+    {
+      "type": "ADVISORY"
+      "url": "https://zuh.re/cve/2025-29165"
+    }
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29165"
@@ -23,18 +27,10 @@
       "type": "WEB",
       "url": "https://codeberg.org/zuhri/advisory/src/branch/main/CVE-2025-29165"
     },
-    {
-      "type": "WEB",
-      "url": "https://github.com/twentysevns/Vuln-IoT-Reports/blob/main/DLINK/DIR-1253/README.md"
-    },
     {
       "type": "WEB",
       "url": "https://www.dlink.com/en/security-bulletin"
     },
-    {
-      "type": "WEB",
-      "url": "https://zuh.re/cve/2025-29165"
-    }
   ],
   "database_specific": {
     "cwe_ids": [
@@ -45,4 +41,4 @@
     "github_reviewed_at": null,
     "nvd_published_at": "2026-03-05T20:16:10Z"
   }
-}
\ No newline at end of file
+}

From b0ae6388bac43a1c8f793c886fb52382bb35d6ba Mon Sep 17 00:00:00 2001
From: zuhri <zphr@tuta.io>
Date: Sun, 14 Jun 2026 00:36:40 +0700
Subject: [PATCH 2/4] updates: details and references

---
 .../2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json         | 1 +
 1 file changed, 1 insertion(+)

diff --git a/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json b/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
index ab84daf864b63..57fe94d2d1463 100644
--- a/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
+++ b/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
@@ -6,6 +6,7 @@
   "aliases": [
     "CVE-2025-29165"
   ],
+  "summary": "An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component.",
   "details": "D-Link DIR-1253 Prior version <= V1.6.1684 vulnerable to privilege escalation. The file affected at `etc/shadow.sample` contained a hardcoded root credential. These credentials are used in `var/shadow` by the following `init.d/rcS_{AP,GW}` boot script, this script is being execute when booting process is start.",
   "severity": [
     {

From 20b9bc410c99266e23ae2721841e4a2da5f54714 Mon Sep 17 00:00:00 2001
From: zuhri <zphr@tuta.io>
Date: Sun, 14 Jun 2026 00:56:18 +0700
Subject: [PATCH 3/4] updates: fix minor

---
 .../2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json b/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
index 57fe94d2d1463..41a8eee27ee0f 100644
--- a/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
+++ b/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
@@ -19,7 +19,7 @@
     {
       "type": "ADVISORY"
       "url": "https://zuh.re/cve/2025-29165"
-    }
+    },
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29165"

From ac98af6b6a25800e1412069ace98dce18820e5f6 Mon Sep 17 00:00:00 2001
From: zuhri <zphr@tuta.io>
Date: Sun, 14 Jun 2026 01:04:25 +0700
Subject: [PATCH 4/4] update: fix issue

---
 .../2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json b/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
index 41a8eee27ee0f..59e5825778fd5 100644
--- a/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
+++ b/advisories/unreviewed/2026/03/GHSA-rcv7-3vfh-47x6/GHSA-rcv7-3vfh-47x6.json
@@ -17,7 +17,7 @@
   "affected": [],
   "references": [
     {
-      "type": "ADVISORY"
+      "type": "ADVISORY",
       "url": "https://zuh.re/cve/2025-29165"
     },
     {
@@ -31,7 +31,7 @@
     {
       "type": "WEB",
       "url": "https://www.dlink.com/en/security-bulletin"
-    },
+    }
   ],
   "database_specific": {
     "cwe_ids": [