Vulnerabilities > CVE-2019-8392 - Unspecified vulnerability in Dlink Dir-823G Firmware 1.02B03

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

dlink

NVD

Published: 2019-02-17

Updated: 2020-08-24

Summary

An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to enable Guest Wi-Fi via the SetWLanRadioSettings HNAP API to the web service provided by /bin/goahead.

Vulnerable Configurations

Part	Description	Count
OS	Dlink Dlink DIR 823G Firmware 1.02B03	1
Hardware	Dlink Dlink DIR 823G -	1

References

https://github.com/leonW7/D-Link/blob/master/Vul_6.md