Dlink Dir-823G Firmware vulnerabilities

CVE-2023-44831 [HIGH] CWE-120 CVE-2023-44831: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in th D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44830 [HIGH] CWE-120 CVE-2023-44830: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44834 [HIGH] CWE-120 CVE-2023-44834: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44835 [HIGH] CWE-120 CVE-2023-44835: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44837 [HIGH] CWE-120 CVE-2023-44837: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter i D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44832 [HIGH] CWE-120 CVE-2023-44832: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44828 [HIGH] CWE-120 CVE-2023-44828: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword para D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44838 [HIGH] CWE-120 CVE-2023-44838: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the TXPower parameter in D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the TXPower parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44833 [HIGH] CWE-120 CVE-2023-44833: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter i D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44829 [HIGH] CWE-120 CVE-2023-44829: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parame D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parameter in the SetDeviceSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44836 [HIGH] CWE-120 CVE-2023-44836: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in th D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-44839 [HIGH] CWE-120 CVE-2023-44839: D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Encryption parameter D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Encryption parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2023-43241 [CRITICAL] CWE-787 CVE-2023-43241: D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter TXPower and Guard D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter TXPower and GuardInt in SetWLanRadioSecurity.

CVE-2023-43235 [CRITICAL] CWE-787 CVE-2023-43235: D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and End D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings.

CVE-2023-26612 [CRITICAL] CWE-120 CVE-2023-26612: D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo.

CVE-2023-26613 [CRITICAL] CWE-78 CVE-2023-26613: An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorize An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL.

CVE-2023-26616 [CRITICAL] CWE-120 CVE-2023-26616: D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.

CVE-2023-26615 [HIGH] CWE-640 CVE-2023-26615: D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from t D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.

CVE-2023-29665 [CRITICAL] CWE-787 CVE-2023-29665: D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters i D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings.

CVE-2022-44808 [CRITICAL] CWE-78 CVE-2022-44808: A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1. A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests. Before the HNAP API function can process the request, the system function executes an untrusted command that triggers the vulnerabilit