Dlink

Dir-823x Firmware

39 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-11097

Exploit
  • EPSS 0.07%
  • Veröffentlicht 28.09.2025 05:15:31
  • Zuletzt bearbeitet 02.10.2025 18:58:00

A vulnerability has been found in D-Link DIR-823X 250416. Impacted is an unknown function of the file /goform/set_device_name. The manipulation of the argument mac leads to command injection. The attack is possible to be carried out remotely. The exp...

8.8

CVE-2025-11096

Exploit
  • EPSS 0.07%
  • Veröffentlicht 28.09.2025 05:15:30
  • Zuletzt bearbeitet 02.10.2025 19:02:45

A flaw has been found in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/diag_traceroute. Executing manipulation of the argument target_addr can lead to command injection. The attack can be executed remotely. Th...

8.8

CVE-2025-11095

Exploit
  • EPSS 0.07%
  • Veröffentlicht 28.09.2025 04:15:42
  • Zuletzt bearbeitet 02.10.2025 19:06:34

A vulnerability was detected in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/delete_offline_device. Performing manipulation of the argument delvalue results in command injection. Remote exploitation of the attac...

8.8

CVE-2025-11092

Exploit
  • EPSS 0.07%
  • Veröffentlicht 28.09.2025 03:15:30
  • Zuletzt bearbeitet 02.10.2025 19:06:44

A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function sub_412E7C of the file /goform/set_switch_settings. This manipulation of the argument port causes command injection. The attack may be initiated remotely...

8.8

CVE-2025-55848

Exploit
  • EPSS 0.1%
  • Veröffentlicht 26.09.2025 17:15:36
  • Zuletzt bearbeitet 09.03.2026 15:18:06

An issue was discovered in DIR-823 firmware 20250416. There is an RCE vulnerability in the set_cassword settings interface, as the http_casswd parameter is not filtered by '&'to allow injection of reverse connection commands.

8.8

CVE-2025-10814

Exploit
  • EPSS 0.07%
  • Veröffentlicht 22.09.2025 21:15:58
  • Zuletzt bearbeitet 24.09.2025 18:42:26

A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/goahead. This manipulation of the argument port causes command injection. The attack can be initi...

8.8

CVE-2025-10634

Exploit
  • EPSS 0.08%
  • Veröffentlicht 18.09.2025 01:02:15
  • Zuletzt bearbeitet 24.09.2025 18:42:57

A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub_412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminal_addr/serve...

8.8

CVE-2025-10401

Exploit
  • EPSS 0.12%
  • Veröffentlicht 14.09.2025 15:32:06
  • Zuletzt bearbeitet 24.09.2025 18:41:54

A vulnerability was detected in D-Link DIR-823x up to 250416. The affected element is an unknown function of the file /goform/diag_ping. Performing manipulation of the argument target_addr results in command injection. Remote exploitation of the atta...

9.8

CVE-2025-10123

Exploit
  • EPSS 0.19%
  • Veröffentlicht 09.09.2025 02:32:10
  • Zuletzt bearbeitet 24.09.2025 18:43:47

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub_415028 of the file /goform/set_static_leases. Executing manipulation of the argument Hostname can lead to command injection. The attack...

7.2

CVE-2025-29039

Exploit
  • EPSS 3.04%
  • Veröffentlicht 17.04.2025 00:00:00
  • Zuletzt bearbeitet 25.04.2025 18:28:39

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8