This page lists publicly disclosed CVE vulnerabilities affecting dlink dir-823_pro_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-45729 | D-Link DIR-823-Pro 1.02 has improper permission control, allowing unauthorized users to turn on and access Telnet services. | [email protected] | 6.3 | 0.33% | 2025-06-27 | 2025-07-01 |
| CVE-2022-28573 | D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetNTPserverSeting. This vulnerability allows attackers to execute arbitrary commands via the system_time_timezone parameter. | [email protected] | 9.8 | 27.46% | 2022-05-02 | 2024-11-21 |
| CVE-2021-46457 | D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function ChgSambaUserSettings. This vulnerability allows attackers to execute arbitrary commands via the samba_name parameter. | [email protected] | 9.8 | 4.06% | 2022-02-04 | 2024-11-21 |
| CVE-2021-46456 | D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetWLanACLSettings. This vulnerability allows attackers to execute arbitrary commands via the wl(0).(0)_maclist parameter. | [email protected] | 9.8 | 4.06% | 2022-02-04 | 2024-11-21 |
| CVE-2021-46455 | D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetStationSettings. This vulnerability allows attackers to execute arbitrary commands via the station_access_enable parameter. | [email protected] | 9.8 | 4.06% | 2022-02-04 | 2024-11-21 |
| CVE-2021-46454 | D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetWLanApcliSettings. This vulnerability allows attackers to execute arbitrary commands via the ApCliKeyStr parameter. | [email protected] | 9.8 | 4.81% | 2022-02-04 | 2024-11-21 |
| CVE-2021-46453 | D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetStaticRouteSettings. This vulnerability allows attackers to execute arbitrary commands via the staticroute_list parameter. | [email protected] | 9.8 | 4.10% | 2022-02-04 | 2024-11-21 |
| CVE-2021-46452 | D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via the tomography_ping_address, tomography_ping_number, tomography_ping_size, tomography_ping_timeout, and tomography_ping_ttl parameters. | [email protected] | 9.8 | 4.10% | 2022-02-04 | 2024-11-21 |