The D-Link DIR-823G is an AC1200M dual-band gigabit wireless router.A command injection vulnerability exists in the HNAP1 protocol of the D-Link DIR-823G version 1.0.2B05. The vulnerability can be exploited to execute arbitrary web scripts via shell meta characters in the PrivateLogin field of the login section.