D-Link Dir 823x Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in D-Link Dir 823x Firmware.
By the Year
In 2026 there have been 0 vulnerabilities in D-Link Dir 823x Firmware. Last year, in 2025 Dir 823x Firmware had 8 security vulnerabilities published. Right now, Dir 823x Firmware is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 8 | 6.85 |
| 2024 | 1 | 0.00 |
It may take a day or so for new Dir 823x Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent D-Link Dir 823x Firmware Security Vulnerabilities
D-Link DIR-832x CC Exploit via 0x41dda8 Remote Code Exec
CVE-2025-29039
- April 17, 2025
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8
D-Link DIR 832x Remote Code Exec via Function 0x417234
CVE-2025-29043
- April 17, 2025
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234
D-Link DIR-832x Router Code Exec via macaddr Key (CVE-2025-29042)
CVE-2025-29042
- April 17, 2025
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c
D-Link DIR-823x RCE via target_addr key exploitation
CVE-2025-29041
- April 17, 2025
An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c
Remote Code Execution via target_addr in D-Link DIR-823x
CVE-2025-29040
- April 17, 2025
An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c
CMD INJECTION D-Link DIR-823X /goform/set_prohibiting POST
CVE-2025-29635
- March 25, 2025
A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution.
OS Command Injection in D-Link DIR-823X HTTP POST Request Handler
CVE-2025-2717
7.2 - High
- March 25, 2025
A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126/240802. This issue affects the function sub_41710C of the file /goform/diag_nslookup of the component HTTP POST Request Handler. The manipulation of the argument target_addr leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Shell injection
D-Link DIR-823X Null Ptr Deref in HTTP POST /goform/set_wifi_blacklists (Remote)
CVE-2025-1103
6.5 - Medium
- February 07, 2025
A vulnerability, which was classified as problematic, was found in D-Link DIR-823X 240126/240802. This affects the function set_wifi_blacklists of the file /goform/set_wifi_blacklists of the component HTTP POST Request Handler. The manipulation of the argument macList leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
NULL Pointer Dereference
D-Link DIR-823X RCE via ntp_zone_val param (HTTP)
CVE-2024-39962
- July 19, 2024
D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21_D240126 was discovered to contain a remote code execution (RCE) vulnerability in the ntp_zone_val parameter at /goform/set_ntp. This vulnerability is exploited via a crafted HTTP request.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for D-Link Dir 823x Firmware or by D-Link? Click the Watch button to subscribe.
