Dir-823g Firmware Security Vulnerabilities and Issues — Dir-823g Firmware CVE List

Lucene search

DlinkDir-823g Firmware

23 matches found

CVE•added 2023/06/29 4:15 p.m.•110 views

CVE-2023-26613

An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL.

9.8CVSS9.7AI score0.68946EPSS

CVE•added 2023/09/21 1:15 p.m.•103 views

CVE-2023-43235

D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings.

9.8CVSS9.6AI score0.01914EPSS

CVE•added 2019/08/23 5:15 p.m.•97 views

CVE-2019-15526

An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings, a related issue to CVE-2019-13482.

9CVSS9AI score0.07181EPSS

CVE•added 2023/06/29 4:15 p.m.•96 views

CVE-2023-26612

D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo.

9.8CVSS9.7AI score0.02078EPSS

CVE•added 2019/08/23 5:15 p.m.•86 views

CVE-2019-15529

9CVSS8.9AI score0.12529EPSS

CVE•added 2019/08/23 5:15 p.m.•85 views

CVE-2019-15527

9CVSS8.9AI score0.03735EPSS

CVE•added 2019/08/23 5:15 p.m.•81 views

CVE-2019-15528

9CVSS8.9AI score0.03213EPSS

CVE•added 2019/08/23 5:15 p.m.•80 views

CVE-2019-15530

9CVSS8.9AI score0.03213EPSS

CVE•added 2022/04/07 10:15 p.m.•69 views

CVE-2021-43474

An Access Control vulnerability exists in D-Link DIR-823G REVA1 1.02B05 (Lastest) via any parameter in the HNAP1 function

9.8CVSS9.3AI score0.03371EPSS

CVE•added 2024/12/30 1:15 a.m.•63 views

CVE-2024-13030

A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/SetParentsControlInfo/SetQoSSettings/SetVirtualServerSettings of the file /HNAP1/ of the component We...

9.8CVSS7.3AI score0.00139EPSS

CVE•added 2025/03/17 4:15 a.m.•52 views

CVE-2025-2360

A vulnerability classified as critical was found in D-Link DIR-823G 1.0.2B05_20181207. Affected by this vulnerability is the function SetUpnpSettings of the file /HNAP1/ of the component UPnP Service. The manipulation of the argument SOAPAction leads to improper authorization. The attack can be lau...

9.8CVSS7.3AI score0.00196EPSS

CVE•added 2022/11/22 3:15 p.m.•51 views

CVE-2022-44808

A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests. Before the HNAP API function can process the request, the system function executes ...

9.8CVSS9.9AI score0.05303EPSS

CVE•added 2025/03/17 4:15 a.m.•51 views

CVE-2025-2359

A vulnerability classified as critical has been found in D-Link DIR-823G 1.0.2B05_20181207. Affected is the function SetDDNSSettings of the file /HNAP1/ of the component DDNS Service. The manipulation of the argument SOAPAction leads to improper authorization. It is possible to launch the attack re...

9.8CVSS7.3AI score0.00258EPSS

CVE•added 2019/07/01 3:15 p.m.•49 views

CVE-2019-13128

An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the IPAddress or Gateway field to SetStaticRouteSettings.

9CVSS8.9AI score0.12529EPSS

CVE•added 2022/11/22 3:15 p.m.•47 views

CVE-2022-44201

D-Link DIR823G 1.02B05 is vulnerable to Commad Injection.

9.8CVSS9.4AI score0.00981EPSS

CVE•added 2023/06/29 4:15 p.m.•47 views

CVE-2023-26616

D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.

9.8CVSS9.7AI score0.02078EPSS

CVE•added 2022/11/03 2:15 p.m.•40 views

CVE-2022-43109

D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet.

9.8CVSS9.8AI score0.01083EPSS

CVE•added 2023/09/21 1:15 p.m.•38 views

CVE-2023-43241

D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter TXPower and GuardInt in SetWLanRadioSecurity.

9.8CVSS9.6AI score0.01914EPSS

CVE•added 2021/11/04 11:15 a.m.•37 views

CVE-2020-25368

A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login.

9.8CVSS9.7AI score0.41536EPSS

CVE•added 2023/04/17 4:15 p.m.•37 views

CVE-2023-29665

D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings.

9.8CVSS9.6AI score0.01914EPSS

CVE•added 2019/02/01 6:29 a.m.•35 views

CVE-2019-7298

An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from...

9.3CVSS8.5AI score0.39849EPSS

CVE•added 2021/11/04 11:15 a.m.•35 views

CVE-2020-25366

An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors.

9.1CVSS8.7AI score0.00549EPSS

CVE•added 2021/11/04 10:15 a.m.•30 views

CVE-2020-25367

9.8CVSS9.7AI score0.30143EPSS