Design/Logic Flaw

2023-06-2815:15:00

PRIOn knowledge base

www.prio-n.com

d-link

firmware

password reset

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.7%

JSON

D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.

CPENameOperatorVersion
dir-823g_firmwareeq1.2.0-b5

CPE	Name	Operator	Version
	dir-823g_firmware	eq	1.2.0-b5

References

github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1

github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetMultipleActions