CVE-2023-26615

2023-06-2800:00:00

mitre

www.cve.org

d-link

dir-823g

firmware

password reset

vulnerability

setmultipleactions api

web page management password

8.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.7%

JSON

D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.

References

github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1

github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetMultipleActions