Search
Search Results (27 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-11098 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2025-10-02 | 6.3 Medium |
| A vulnerability was found in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/set_wifi_blacklists. The manipulation of the argument macList results in command injection. The attack may be performed from remote. The exploit has been made public and could be used. | ||||
| CVE-2025-11099 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2025-10-02 | 6.3 Medium |
| A vulnerability was determined in D-Link DIR-823X 250416. The impacted element is the function uci_del of the file /goform/delete_prohibiting. This manipulation of the argument delvalue causes command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-11100 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2025-10-02 | 6.3 Medium |
| A vulnerability was identified in D-Link DIR-823X 250416. This affects the function uci_set of the file /goform/set_wifi_blacklists. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-10123 | 2 D-link, Dlink | 3 Dir-823, Dir-823x, Dir-823x Firmware | 2025-09-24 | 7.3 High |
| A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub_415028 of the file /goform/set_static_leases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-10634 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2025-09-24 | 6.3 Medium |
| A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub_412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminal_addr/server_ip/server_port causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-10814 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2025-09-24 | 6.3 Medium |
| A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/goahead. This manipulation of the argument port causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-10401 | 2 D-link, Dlink | 3 Dir-823, Dir-823x, Dir-823x Firmware | 2025-09-24 | 6.3 Medium |
| A vulnerability was detected in D-Link DIR-823x up to 250416. The affected element is an unknown function of the file /goform/diag_ping. Performing manipulation of the argument target_addr results in command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. | ||||