Vulnerabilities > Dlink > DIR 823G Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-06-29 CVE-2023-26613 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.02B05
An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2023-06-29 CVE-2023-26616 Classic Buffer Overflow vulnerability in Dlink Dir-823G Firmware 1.02B05
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.
network
low complexity
dlink CWE-120
critical
 9.8
9.8
2023-06-28 CVE-2023-26615 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Dlink Dir-823G Firmware 1.02B05
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.
network
low complexity
dlink CWE-640
7.5
7.5
2023-04-17 CVE-2023-29665 Out-of-bounds Write vulnerability in Dlink Dir-823G Firmware 1.0.2B05
D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-11-22 CVE-2022-44201 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.02B05
D-Link DIR823G 1.02B05 is vulnerable to Commad Injection.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2022-11-22 CVE-2022-44808 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.02B03
A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2022-11-03 CVE-2022-43109 Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2
D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-04-07 CVE-2021-43474 Command Injection vulnerability in Dlink Dir-823G Firmware 1.02B05
An Access Control vulnerability exists in D-Link DIR-823G REVA1 1.02B05 (Lastest) via any parameter in the HNAP1 function
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2021-11-04 CVE-2020-25366 Missing Authorization vulnerability in Dlink Dir-823G Firmware 1.02B05
An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors.
network
low complexity
dlink CWE-862
critical
 9.1
9.1
2021-11-04 CVE-2020-25368 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.02B05
A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05.
network
low complexity
dlink CWE-78
critical
 9.8
9.8