VYPR

DIR823G

by Dlink

CVEs (90)

  • CVE-2021-43474Apr 7, 2022
    risk 0.00cvss epss 0.03

    An Access Control vulnerability exists in D-Link DIR-823G REVA1 1.02B05 (Lastest) via any parameter in the HNAP1 function

  • CVE-2020-25366Nov 4, 2021
    risk 0.00cvss epss 0.03

    An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors.

  • CVE-2019-15526Aug 23, 2019
    risk 0.00cvss epss 0.04

    An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings, a related issue to CVE-2019-13482.

  • CVE-2019-15527Aug 23, 2019
    risk 0.00cvss epss 0.04

    An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MaxIdTime field to SetWanSettings.

  • CVE-2019-15528Aug 23, 2019
    risk 0.00cvss epss 0.04

    An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Interface field to SetStaticRouteSettings.

  • CVE-2019-15530Aug 23, 2019
    risk 0.00cvss epss 0.04

    An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the LoginPassword field to Login.

  • CVE-2019-8392Feb 17, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to enable Guest Wi-Fi via the SetWLanRadioSettings HNAP API to the web service provided by /bin/goahead.

  • CVE-2019-7389Feb 5, 2019
    risk 0.00cvss epss 0.03

    An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote attackers to reset the router without authentication via the SetFactoryDefault HNAP API. Consequently, an attacker can achieve a…

  • CVE-2019-7390Feb 5, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API.

  • CVE-2019-7388Feb 5, 2019
    risk 0.00cvss epss 0.03

    An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an…

Page 5 of 5