CVE-2026-4193Incorrect Privilege Assignment in D-link Dir-823g

CWE-266Incorrect Privilege AssignmentCWE-284Improper Access Control3 documents3 sources
Severity
6.9MEDIUMNVD
EPSS
0.1%
top 73.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
D-link Dir-823gDlink Dir-823g Firmware
Timeline
PublishedMar 16

Description

A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomography

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5d-link/dir-823g1.0.2B05

🔴Vulnerability Details

2
GHSA
GHSA-4f7r-xrwr-q63x: A security vulnerability has been detected in D-Link DIR-823G 12026-03-16
CVEList
D-Link DIR-823G goahead UpdateClientInfo access control2026-03-15
CVE-2026-4193 — Incorrect Privilege Assignment | cvebase