D-Link Dir 823g Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in D-Link Dir 823g Firmware.
By the Year
In 2025 there have been 2 vulnerabilities in D-Link Dir 823g Firmware with an average score of 9.8 out of ten. Last year, in 2024 Dir 823g Firmware had 13 security vulnerabilities published. Right now, Dir 823g Firmware is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 2.58.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 2 | 9.80 |
| 2024 | 13 | 7.22 |
| 2023 | 11 | 7.71 |
| 2022 | 3 | 9.80 |
It may take a day or so for new Dir 823g Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent D-Link Dir 823g Firmware Security Vulnerabilities
D-Link DIR-823G 1.0.2B05 DDNS Auth Bypass via SOAPAction
CVE-2025-2359
9.8 - Critical
- March 17, 2025
A vulnerability classified as critical has been found in D-Link DIR-823G 1.0.2B05_20181207. Affected is the function SetDDNSSettings of the file /HNAP1/ of the component DDNS Service. The manipulation of the argument SOAPAction leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
AuthZ
Critical Improper Auth in D-Link DIR-823G 1.0.2B05 via UPnP SetUpnpSettings
CVE-2025-2360
9.8 - Critical
- March 17, 2025
A vulnerability classified as critical was found in D-Link DIR-823G 1.0.2B05_20181207. Affected by this vulnerability is the function SetUpnpSettings of the file /HNAP1/ of the component UPnP Service. The manipulation of the argument SOAPAction leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
AuthZ
D-Link DIR-823G Web Management Interface Improper Access Controls Vulnerability
CVE-2024-13030
9.8 - Critical
- December 30, 2024
A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/SetParentsControlInfo/SetQoSSettings/SetVirtualServerSettings of the file /HNAP1/ of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Authorization
D-Link DIR-823G 1.0.2 Command Injection
CVE-2024-51023
- November 05, 2024
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.
D-Link DIR-823G 1.0.2 Command Injection via HostName
CVE-2024-51024
- November 05, 2024
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the SetWanSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.
D-Link DIR-823G v1.0.2B05 Info Disclosure via Config Download
CVE-2024-44408
7.5 - High
- September 06, 2024
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user passwords.
AuthZ
D-Link DIR-823G DoS via Null-pointer in upload_firmware.cgi v1.0.2B05
CVE-2024-33345
- April 29, 2024
D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted input.
DoS in D-Link DIR-823G A1V1.0.2B05 via Null Deref (sub_41C488)
CVE-2024-27660
6.5 - Medium
- February 29, 2024
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_41C488(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
D-Link DIR-823G A1V1.0.2B05 Buffer Overflow via SOAP Action (DoS)
CVE-2024-27655
- February 29, 2024
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
Buffer Overflow in D-Link DIR-823G Router (A1V1.0.2B05) via Cookie Parameter
CVE-2024-27656
- February 29, 2024
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
D-Link DIR-823G A1V1.0.2B05 Buffer Overflow in User-Agent (DoS/RCE)
CVE-2024-27657
- February 29, 2024
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
D-Link DIR-823G A1V1.0.2B05 Null-Ptr Deref DoS Vulnerability
CVE-2024-27658
- February 29, 2024
D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
D-Link DIR-823G A1V1.0.2B05 DoS via Null-Pointer Deref in sub_42AF30
CVE-2024-27659
6.5 - Medium
- February 29, 2024
D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
D-Link DIR-823G A1V1.0.2B05 DoS via Null Pointer in sub_4484A8
CVE-2024-27661
6.5 - Medium
- February 29, 2024
D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
DIR-823G Firmware A1V1.0.2B05 Null-Ptr Deref in sub_4110f4 Enables DoS
CVE-2024-27662
6.5 - Medium
- February 29, 2024
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Improper Handling of Exceptional Conditions
Buffer Overflow in D-Link DIR-823G A1V1.0.2B05 Causing DoS
CVE-2023-44828
7.5 - High
- October 05, 2023
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Classic Buffer Overflow
D-Link DIR-823G DoS via AdminPassword Buffer Overflow (SetDeviceSettings)
CVE-2023-44829
7.5 - High
- October 05, 2023
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parameter in the SetDeviceSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Classic Buffer Overflow
D-Link DIR-823G A1V1.0.2B05 Buffer Overflow in SetParentsControlInfo (DoS)
CVE-2023-44830
7.5 - High
- October 05, 2023
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Classic Buffer Overflow
Buffer Overflow in SetWLanRadioSettings (DIR-823G A1V1.0.2B05)
CVE-2023-44831
7.5 - High
- October 05, 2023
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Classic Buffer Overflow
DoS via buffer overflow in A1V1.0.2B05 SetWanSettings (D-Link DIR-823G)
CVE-2023-44832
7.5 - High
- October 05, 2023
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Classic Buffer Overflow
D-Link DIR-823G A1V1.0.2B05 Buffer Overflow via GuardInt (DoS)
CVE-2023-44833
7.5 - High
- October 05, 2023
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Classic Buffer Overflow
D-Link DIR-823G A1V1.0.2B05 Buffer Overflow in SetParentsControlInfo (Router DoS)
CVE-2023-44834
7.5 - High
- October 05, 2023
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Classic Buffer Overflow
D-Link DIR-823G A1V1.0.2B05 buffer overflow in SetParentsControlInfo allows DoS
CVE-2023-44835
7.5 - High
- October 05, 2023
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Classic Buffer Overflow
D-Link DIR-823G A1V1.0.2B05 SSID Buffer Overflow -> DoS
CVE-2023-44836
7.5 - High
- October 05, 2023
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Classic Buffer Overflow
Buffer Overflow in D-Link DIR-823G A1V1.0.2B05 SetWanSettings => DoS
CVE-2023-44837
7.5 - High
- October 05, 2023
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Classic Buffer Overflow
D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow
CVE-2023-29665
9.8 - Critical
- April 17, 2023
D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings.
Memory Corruption
A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03
CVE-2022-44808
9.8 - Critical
- November 22, 2022
A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests. Before the HNAP API function can process the request, the system function executes an untrusted command that triggers the vulnerability.
Shell injection
D-Link DIR823G 1.02B05 is vulnerable to Commad Injection.
CVE-2022-44201
9.8 - Critical
- November 22, 2022
D-Link DIR823G 1.02B05 is vulnerable to Commad Injection.
Shell injection
D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings
CVE-2022-43109
9.8 - Critical
- November 03, 2022
D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet.
Command Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for D-Link Dir 823g Firmware or by D-Link? Click the Watch button to subscribe.
