CVE-2025-14208

A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...

EUVD-2025-201619

A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...

CVE-2025-14208 D-Link DIR-823X set_wan_settings sub_415028 command injection

A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...

CVE-2025-14208

CVE-2025-14208 affects D-Link DIR-823X devices up to 20250416. The vulnerability resides in the function sub_415028 of /goform/set_wan_settings, where manipulating the argument ppp_username leads to command injection. Exploitation can be performed remotely, and public proof-of-concept/exploit mat...

D-Link DIR-823X 命令注入漏洞

The D-Link DIR-823X is a wireless router from China-based AUO D-Link. A command injection vulnerability exists in the D-Link DIR-823X 20250416 and earlier versions, which stems from incorrect manipulation of the parameter pppusername in the file /goform/setwansettings, which can lead to command...

The vulnerability of the SetWanSettings module in D-Link DIR-853 A1 software allows a hacker to execute arbitrary code.

The vulnerability of the SetWanSettings module in D-Link DIR-853 A1 router microprogramming software is related to buffer overflow when processing the Password parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

D-Link DIR-853 安全漏洞

The D-Link DIR-853 is a router from China-based AUO D-Link. The D-Link DIR-853 suffers from a buffer overflow vulnerability that stems from the Password parameter in the SetWanSettings module not properly handling user input. No details of the vulnerability are provided at this time...

CVE-2023-41219

D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. T...

D-Link DIR-X3260 安全漏洞

The D-Link DIR-X3260 is a Wi-Fi 6 router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-X3260 that stems from a stack-based buffer overflow remote code execution vulnerability in prog.cgi SetWanSettings...

CVE-2023-44837

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2023-44837

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2023-44832

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2023-44832

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

D-Link DIR-823G 安全漏洞

The D-Link DIR-823G is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-823G Password parameter due to incorrect boundary checking in the SetWanSettings function. An attacker could exploit this vulnerability to cause a denial of service...

CVE-2022-46560

D-Link DIR-882 DIR882A1FW130B06, DIR-878 DIR878FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module...

CVE-2019-15513

An issue was discovered in OpenWrt libuci aka Library for the Unified Configuration Interface before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang...