Shodan
Vulnerabilities
Vulnerable Software
Dlink:  >> Dir-823g  Security Vulnerabilities
CVE-2023-26616
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.
CVSS Score
9.8
EPSS Score
0.021
Published
2023-06-29
CVE-2023-26615
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-06-28
CVE-2023-29665
D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings.
CVSS Score
9.8
EPSS Score
0.019
Published
2023-04-17
CVE-2022-44808
A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests. Before the HNAP API function can process the request, the system function executes an untrusted command that triggers the vulnerability.
CVSS Score
9.8
EPSS Score
0.051
Published
2022-11-22
CVE-2022-44201
D-Link DIR823G 1.02B05 is vulnerable to Commad Injection.
CVSS Score
9.8
EPSS Score
0.008
Published
2022-11-22
CVE-2022-43109
D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet.
CVSS Score
9.8
EPSS Score
0.01
Published
2022-11-03
CVE-2021-43474
An Access Control vulnerability exists in D-Link DIR-823G REVA1 1.02B05 (Lastest) via any parameter in the HNAP1 function
CVSS Score
9.8
EPSS Score
0.034
Published
2022-04-07
CVE-2020-25366
An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors.
CVSS Score
9.1
EPSS Score
0.005
Published
2021-11-04
CVE-2020-25368
A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login.
CVSS Score
9.8
EPSS Score
0.415
Published
2021-11-04
CVE-2020-25367
A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login.
CVSS Score
9.8
EPSS Score
0.301
Published
2021-11-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved