D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user passwords.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 10 Sep 2024 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dir-823g
Dlink dir-823g Firmware
Weaknesses CWE-862
CPEs cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-823g_firmware:1.0.2b05_20181207:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dir-823g
Dlink dir-823g Firmware

Fri, 06 Sep 2024 21:30:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link dir-823g
Weaknesses CWE-200
CPEs cpe:2.3:h:d-link:dir-823g:1.0.2b05_20181207:*:*:*:*:*:*:*
Vendors & Products D-link
D-link dir-823g
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 06 Sep 2024 16:15:00 +0000

Type Values Removed Values Added
Description D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user passwords.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-09-06T20:27:23.513Z

Reserved: 2024-08-21T00:00:00

Link: CVE-2024-44408

cve-icon Vulnrichment

Updated: 2024-09-06T20:27:18.464Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-06T16:15:03.243

Modified: 2024-09-10T17:01:55.630

Link: CVE-2024-44408

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.