Dir-823x Firmware Security Vulnerabilities and Issues — Dir-823x Firmware CVE List

Lucene search

DlinkDir-823x Firmware

10 matches found

CVE•added 2025/03/25 12:15 a.m.•63 views

CVE-2025-2717

A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126/240802. This issue affects the function sub_41710C of the file /goform/diag_nslookup of the component HTTP POST Request Handler. The manipulation of the argument target_addr leads to os command injection. Th...

7.2CVSS7.8AI score0.00096EPSS

CVE•added 2025/03/25 2:15 p.m.•55 views

CVE-2025-29635

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution.

8.8CVSS8.6AI score0.00657EPSS

CVE•added 2025/02/07 3:15 p.m.•53 views

CVE-2025-1103

A vulnerability, which was classified as problematic, was found in D-Link DIR-823X 240126/240802. This affects the function set_wifi_blacklists of the file /goform/set_wifi_blacklists of the component HTTP POST Request Handler. The manipulation of the argument macList leads to null pointer derefere...

7.1CVSS7AI score0.00454EPSS

CVE•added 2025/04/17 5:15 p.m.•49 views

CVE-2025-29039

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8

7.2CVSS8.1AI score0.00327EPSS

CVE•added 2025/04/17 3:15 p.m.•46 views

CVE-2025-29040

An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c

9.8CVSS9.7AI score0.0083EPSS

CVE•added 2025/04/17 3:15 p.m.•45 views

CVE-2025-29041

An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c

9.8CVSS9.7AI score0.0083EPSS

CVE•added 2025/04/17 4:15 p.m.•44 views

CVE-2025-29042

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c

9.8CVSS8AI score0.0083EPSS

CVE•added 2024/07/08 4:15 p.m.•41 views

CVE-2024-39202

D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings.

8.8CVSS7.5AI score0.00968EPSS

CVE•added 2025/04/17 4:15 p.m.•40 views

CVE-2025-29043

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234

9.8CVSS7.6AI score0.0083EPSS

CVE•added 2024/07/19 3:15 p.m.•39 views

CVE-2024-39962

D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21_D240126 was discovered to contain a remote code execution (RCE) vulnerability in the ntp_zone_val parameter at /goform/set_ntp. This vulnerability is exploited via a crafted HTTP request.

9.8CVSS8.2AI score0.03568EPSS