Recent CVEs
CVE-2024-13030
A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/SetParentsControlInfo/SetQoSSettings/SetVirtualServerSettings of the file /HNAP1/ of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-44408
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user passwords.
CVE-2024-33345
D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2023-43241
D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter TXPower and GuardInt in SetWLanRadioSecurity.
CVE-2023-43235
D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings.
CVE-2023-26616
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.
CVE-2023-26612
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo.
CVE-2023-26615
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.