Filtered by vendor D-link Subscriptions
Filtered by product Dir-823g Subscriptions
Total 8 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-26615 2 D-link, Dlink 3 Dir-823g, Dir-823g, Dir-823g Firmware 2024-11-27 7.5 High
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.
CVE-2023-26613 2 D-link, Dlink 3 Dir-823g, Dir-823g, Dir-823g Firmware 2024-11-27 9.8 Critical
An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL.
CVE-2023-26616 2 D-link, Dlink 3 Dir-823g, Dir-823g, Dir-823g Firmware 2024-11-27 9.8 Critical
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.
CVE-2023-26612 2 D-link, Dlink 3 Dir-823g, Dir-823g, Dir-823g Firmware 2024-11-27 9.8 Critical
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo.
CVE-2024-33345 1 D-link 1 Dir-823g 2024-11-21 6.5 Medium
D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2023-43241 2 D-link, Dlink 3 Dir-823g, Dir-823g, Dir-823g Firmware 2024-11-21 9.8 Critical
D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter TXPower and GuardInt in SetWLanRadioSecurity.
CVE-2023-43235 2 D-link, Dlink 3 Dir-823g, Dir-823g, Dir-823g Firmware 2024-11-21 9.8 Critical
D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings.
CVE-2024-44408 2 D-link, Dlink 3 Dir-823g, Dir-823g, Dir-823g Firmware 2024-09-10 7.5 High
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user passwords.