VYPR

DIR823G

by Dlink

CVEs (90)

  • CVE-2026-2142Feb 8, 2026
    risk 0.00cvss epss 0.06

    A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_420688 of the file /goform/set_qos. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been made available to the…

  • CVE-2026-2129Feb 8, 2026
    risk 0.00cvss epss 0.04

    A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/set_ac_status. Performing a manipulation of the argument ac_ipaddr/ac_ipstatus/ap_randtime results in os command injection. The attack may be initiated…

  • CVE-2026-2120Feb 8, 2026
    risk 0.00cvss epss 0.04

    A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/set_server_settings of the component Configuration Parameter Handler. The manipulation of the argument terminal_addr/server_ip/server_port leads to os command…

  • CVE-2026-2084Feb 7, 2026
    risk 0.00cvss epss 0.04

    A weakness has been identified in D-Link DIR-823X 250416. This impacts an unknown function of the file /goform/set_language. Executing a manipulation of the argument langSelection can lead to os command injection. It is possible to launch the attack remotely. The exploit has…

  • CVE-2025-60671Nov 13, 2025
    risk 0.00cvss epss 0.01

    A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /var/system/linux_vlan_reinit file. The vulnerability occurs because content read from this file is only…

  • CVE-2025-60675Nov 13, 2025
    risk 0.00cvss epss 0.01

    A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /tmp/new_qos.rule configuration file. The vulnerability occurs because parsed fields from the configuration…

  • CVE-2025-60331Oct 22, 2025
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the FillMacCloneMac parameter in the /EXCU_SHELL endpoint. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2025-60332Oct 22, 2025
    risk 0.00cvss epss 0.05

    A NULL pointer dereference in the SetWLanRadioSettings function of D-Link DIR-823G A1 v1.0.2B05 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

  • CVE-2025-2360Mar 17, 2025
    risk 0.00cvss epss 0.04

    A vulnerability classified as critical was found in D-Link DIR-823G 1.0.2B05_20181207. Affected by this vulnerability is the function SetUpnpSettings of the file /HNAP1/ of the component UPnP Service. The manipulation of the argument SOAPAction leads to improper authorization.…

  • CVE-2024-13030Dec 30, 2024
    risk 0.00cvss epss 0.02

    A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/SetParentsControlInfo/SetQoSSettings/SetVirtualServerSettings of the file /HNAP1/…

  • CVE-2024-51023Nov 5, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

  • CVE-2024-51024Nov 5, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the SetWanSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

  • CVE-2024-44408Sep 6, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user passwords.

  • CVE-2024-33345Apr 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-27655Feb 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.

  • CVE-2024-27659Feb 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-27656Feb 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.

  • CVE-2024-27661Feb 29, 2024
    risk 0.00cvss epss 0.00

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-27662Feb 29, 2024
    risk 0.00cvss epss 0.00

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-27657Feb 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.