Total
42 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-7390 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-12-10 | 5.0 MEDIUM | 8.6 HIGH |
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API. | |||||
CVE-2018-17787 | 2 D-link, Dlink | 2 Dir-823g Firmware, Dir-823g | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function. |