D Link Dir 823x
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in D Link Dir 823x.
By the Year
In 2026 there have been 3 vulnerabilities in D Link Dir 823x with an average score of 5.5 out of ten. Last year, in 2025 Dir 823x had 7 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Dir 823x in 2026 could surpass last years number. Last year, the average CVE base score was greater by 0.77
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 3 | 5.53 |
| 2025 | 7 | 6.30 |
It may take a day or so for new Dir 823x vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent D Link Dir 823x Security Vulnerabilities
Remote OS Command Injection via /goform/set_filtering on D-Link DIR-823X
CVE-2026-2210
7.2 - High
- February 09, 2026
A vulnerability has been found in D-Link DIR-823X 250416. This affects the function sub_4211C8 of the file /goform/set_filtering. Such manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Shell injection
OS Command Injection via /goform/set_mac_clone on D-Link DIR-823X
CVE-2026-2082
4.7 - Medium
- February 07, 2026
A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/set_mac_clone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used.
Shell injection
D-Link DIR-823X OS Command Injection via /goform/set_password
CVE-2026-2081
4.7 - Medium
- February 07, 2026
A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/set_password. This manipulation of the argument http_passwd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Shell injection
Command Injection in D-Link DIR-823X set_wifi_blacklists
CVE-2025-11100
6.3 - Medium
- September 28, 2025
A vulnerability was identified in D-Link DIR-823X 250416. This affects the function uci_set of the file /goform/set_wifi_blacklists. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
Command Injection
CVE-2025-11099: Remote Command Injection via D-Link DIR-823X uci_del
CVE-2025-11099
6.3 - Medium
- September 28, 2025
A vulnerability was determined in D-Link DIR-823X 250416. The impacted element is the function uci_del of the file /goform/delete_prohibiting. This manipulation of the argument delvalue causes command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Command Injection
DIR-823X /goform/set_wifi_blacklists Cmd Injection via macList (CVE-2025-11098)
CVE-2025-11098
6.3 - Medium
- September 28, 2025
A vulnerability was found in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/set_wifi_blacklists. The manipulation of the argument macList results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
Command Injection
D-Link DIR-823X 250416 cmd injection via /goform/set_device_name
CVE-2025-11097
6.3 - Medium
- September 28, 2025
A vulnerability has been found in D-Link DIR-823X 250416. Impacted is an unknown function of the file /goform/set_device_name. The manipulation of the argument mac leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Command Injection
Command Injection via TARGET_ADDR in D-Link DIR-823X /goform/diag_traceroute
CVE-2025-11096
6.3 - Medium
- September 28, 2025
A flaw has been found in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/diag_traceroute. Executing manipulation of the argument target_addr can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used.
Command Injection
D-Link DIR-823X Code Injection via /goform/delete_offline_device
CVE-2025-11095
6.3 - Medium
- September 28, 2025
A vulnerability was detected in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/delete_offline_device. Performing manipulation of the argument delvalue results in command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.
Command Injection
Cmd Injection in D-Link DIR-823X Router via /goform/set_switch_settings Port
CVE-2025-11092
6.3 - Medium
- September 28, 2025
A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function sub_412E7C of the file /goform/set_switch_settings. This manipulation of the argument port causes command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.
Command Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for D Link Dir 823x or by D Link? Click the Watch button to subscribe.
