D-link Dir-823g Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names D-link Dir-823g Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-17786 — CVSS 9.8 (critical): On D-Link DIR-823G devices, ExportSettings.sh, upload_settings.cgi, GetDownLoadSyslog.sh, and upload_firmware.cgi do not require…
CVE-2018-17787 — CVSS 9.8 (critical): On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because…
CVE-2018-17881 — CVSS 9.8 (critical): On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 SetPasswdSettings commands without authentication to trigger…
CVE-2019-7297 — CVSS 9.8 (critical): An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to…
CVE-2018-17880 — CVSS 7.5 (high): On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands without authentication to trigger a…