CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-44833
https://notcve.org/view.php?id=CVE-2023-44833
05 Oct 2023 — D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Se descubrió que D-Link DIR-823G A1V1.0.2B05 contenía un desbordamiento del búfer a través del parámetro GuardInt en la función SetWLanRadioSettings. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) mediante una entrada manipulada. • https://github.com/bugfinder0/public_bug/tree/main/dlink/dir823g/SetWLanRadioSettings_GuardInt • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-44832
https://notcve.org/view.php?id=CVE-2023-44832
05 Oct 2023 — D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Se descubrió que D-Link DIR-823G A1V1.0.2B05 contenía un desbordamiento del búfer a través del parámetro MacAddress en la función SetWanSettings. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) mediante una entrada manipulada. • https://github.com/bugfinder0/public_bug/tree/main/dlink/dir823g/SetWanSettings_MacAddress • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-44830
https://notcve.org/view.php?id=CVE-2023-44830
05 Oct 2023 — D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Se descubrió que D-Link DIR-823G A1V1.0.2B05 contenía un desbordamiento del búfer a través del parámetro EndTime en la función SetParentsControlInfo. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) mediante una entrada manipulada. • https://github.com/bugfinder0/public_bug/tree/main/dlink/dir823g/SetParentsControlInfo_EndTime • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-44837
https://notcve.org/view.php?id=CVE-2023-44837
05 Oct 2023 — D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Se descubrió que D-Link DIR-823G A1V1.0.2B05 contenía un desbordamiento del búfer a través del parámetro Password en la función SetWanSettings. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) mediante una entrada manipulada. • https://github.com/bugfinder0/public_bug/tree/main/dlink/dir823g/SetWanSettings_Password • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-44836
https://notcve.org/view.php?id=CVE-2023-44836
05 Oct 2023 — D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Se descubrió que D-Link DIR-823G A1V1.0.2B05 contenía un desbordamiento del búfer a través del parámetro SSID en la función SetWLanRadioSettings. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) mediante una entrada manipulada. • https://github.com/bugfinder0/public_bug/tree/main/dlink/dir823g/SetWLanRadioSettings_SSID • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43235
https://notcve.org/view.php?id=CVE-2023-43235
21 Sep 2023 — D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings. Se descubrió que D-Link DIR-823G v1.0.2B05 contenía un Desbordamiento del Búfer mediante los parámetros StartTime y EndTime en SetWifiDownSettings. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/823G/SetWifiDownSettings/1.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43241
https://notcve.org/view.php?id=CVE-2023-43241
21 Sep 2023 — D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter TXPower and GuardInt in SetWLanRadioSecurity. Se descubrió que D-Link DIR-823G v1.0.2B05 contenía un Desbordamiento del Búfer mediante el parámetro TXPower y GuardInt en SetWLanRadioSecurity. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/823G/SetWLanRadioSecurity/1.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-26616
https://notcve.org/view.php?id=CVE-2023-26616
29 Jun 2023 — D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo. • https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetParentsControlInfo • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-26612
https://notcve.org/view.php?id=CVE-2023-26612
29 Jun 2023 — D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo. • https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetParentsControlInfo • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-26613
https://notcve.org/view.php?id=CVE-2023-26613
29 Jun 2023 — An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL. • https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/excu_shell • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •