CVE-2024-44408

CWE-862Missing AuthorizationCWE-200Information Exposure3 documents3 sources
Severity
7.5HIGH
EPSS
0.3%
top 44.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dlink Dir-823g Firmware
Timeline
PublishedSep 6

Description

D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user passwords.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDdlink/dir-823g_firmware1.0.2b05_20181207

🔴Vulnerability Details

2
GHSA
GHSA-pvxf-38x8-qcmc: D-Link DIR-823G v12024-09-06
CVEList
CVE-2024-44408: D-Link DIR-823G v12024-09-06
CVE-2024-44408 (HIGH CVSS 7.5) | D-Link DIR-823G v1.0.2B05_20181207 | cvebase.io