Filtered by vendor Dlink Subscriptions
Filtered by product Dir-823g Subscriptions
Total 43 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-17787 2 D-link, Dlink 2 Dir-823g Firmware, Dir-823g 2024-11-21 N/A
On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function.
CVE-2018-17786 2 D-link, Dlink 2 Dir-823g Firmware, Dir-823g 2024-11-21 N/A
On D-Link DIR-823G devices, ExportSettings.sh, upload_settings.cgi, GetDownLoadSyslog.sh, and upload_firmware.cgi do not require authentication, which allows remote attackers to execute arbitrary code.
CVE-2024-44408 2 D-link, Dlink 3 Dir-823g, Dir-823g, Dir-823g Firmware 2024-09-10 7.5 High
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user passwords.