Dir 823x Firmware
by Dlink
CVEs (28)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-11492 | Med | 0.28 | 4.3 | 0.01 | Jun 8, 2026 | A security flaw has been discovered in D-Link DIR-823G 1.0.2B05. The affected element is an unknown function of the file /etc/vsftpd.conf of the component vsftpd. Performing a manipulation results in least privilege violation. The attack can be initiated remotely. The exploit… | ||
| CVE-2026-1685 | Low | 0.24 | 3.7 | 0.01 | Jan 30, 2026 | A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is… | ||
| CVE-2023-26613 | 0.05 | — | 0.29 | Jun 29, 2023 | An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL. | |||
| CVE-2025-60675 | 0.00 | — | 0.01 | Nov 13, 2025 | A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /tmp/new_qos.rule configuration file. The vulnerability occurs because parsed fields from the configuration… | |||
| CVE-2024-39202 | 0.00 | — | 0.01 | Jul 8, 2024 | D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings. | |||
| CVE-2023-26616 | 0.00 | — | 0.01 | Jun 29, 2023 | D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo. | |||
| CVE-2023-26612 | 0.00 | — | 0.01 | Jun 29, 2023 | D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo. | |||
| CVE-2023-26615 | 0.00 | — | 0.01 | Jun 28, 2023 | D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password. |
- risk 0.28cvss 4.3epss 0.01
A security flaw has been discovered in D-Link DIR-823G 1.0.2B05. The affected element is an unknown function of the file /etc/vsftpd.conf of the component vsftpd. Performing a manipulation results in least privilege violation. The attack can be initiated remotely. The exploit…
- risk 0.24cvss 3.7epss 0.01
A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is…
- CVE-2023-26613Jun 29, 2023risk 0.05cvss —epss 0.29
An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL.
- CVE-2025-60675Nov 13, 2025risk 0.00cvss —epss 0.01
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /tmp/new_qos.rule configuration file. The vulnerability occurs because parsed fields from the configuration…
- CVE-2024-39202Jul 8, 2024risk 0.00cvss —epss 0.01
D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings.
- CVE-2023-26616Jun 29, 2023risk 0.00cvss —epss 0.01
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.
- CVE-2023-26612Jun 29, 2023risk 0.00cvss —epss 0.01
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo.
- CVE-2023-26615Jun 28, 2023risk 0.00cvss —epss 0.01
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.
Page 2 of 2