Dir-823 Firmware Security Vulnerabilities and Issues — Dir-823 Firmware CVE List

Lucene search

DlinkDir-823 Firmware

10 matches found

CVE•added 2019/12/30 5:15 p.m.•441 views

CVE-2019-17621

The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.

10CVSS9.3AI score0.93194EPSS

CVE•added 2018/07/13 8:29 p.m.•141 views

CVE-2016-6563

Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818...

10CVSS9.8AI score0.85671EPSS

CVE•added 2020/01/02 2:16 p.m.•102 views

CVE-2019-20213

D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.

7.5CVSS7.3AI score0.00841EPSS

CVE•added 2024/02/29 8:15 p.m.•96 views

CVE-2024-27662

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

6.5CVSS6.9AI score0.00023EPSS

CVE•added 2024/02/29 8:15 p.m.•80 views

CVE-2024-27657

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.

8.8CVSS8.4AI score0.01571EPSS

CVE•added 2024/02/29 8:15 p.m.•79 views

CVE-2024-27656

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.

8.8CVSS8.4AI score0.01571EPSS

CVE•added 2024/02/29 8:15 p.m.•78 views

CVE-2024-27658

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

6.5CVSS6.9AI score0.00023EPSS

CVE•added 2024/02/29 8:15 p.m.•77 views

CVE-2024-27661

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

6.5CVSS6.9AI score0.00023EPSS

CVE•added 2024/02/29 8:15 p.m.•74 views

CVE-2024-27659

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

6.5CVSS6.9AI score0.00023EPSS

CVE•added 2024/02/29 8:15 p.m.•72 views

CVE-2024-27655

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.

8.8CVSS8.4AI score0.01571EPSS