Description
A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Published: 2026-03-15
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Configuration Modification
Action: Patch Immediately
AI Analysis

Impact

The vulnerability exposes improper access controls in a large set of device configuration functions, including UpdateClientInfo. An attacker with remote access can manipulate those functions, potentially changing network settings such as firewall rules, LAN/WAN configurations, or the device domain name. This could allow the attacker to reroute traffic, disable security features, or otherwise disrupt the device’s operation. The weakness is an improper access control that permits privileged operations without proper authentication or authorization checks.

Affected Systems

The flaw is present only in the D‑Link DIR‑823G model running firmware version 1.0.2B05. This firmware is no longer supported by the vendor, meaning that no official security patches or updates are likely to be released. The device may still be in use in some networks but does not have active vendor support.

Risk and Exploitability

With a CVSS score of 6.9 the vulnerability is considered moderate, while the EPSS score of less than 1% suggests a low probability of exploitation in the wild. It is not listed in the CISA KEV catalog, but the attack can be launched remotely and has been publicly disclosed. Because the device is unsupported, attackers who still have connectivity to it can exploit the access control flaw to alter configuration, potentially leading to denial of service or compromise of network traffic.

Generated by OpenCVE AI on April 7, 2026 at 10:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the DIR‑823G firmware to the latest supported version if one is available.
  • If no firmware upgrade exists, replace the unit with a supported model that has active vendor support.
  • Block or restrict remote management access to the device using network firewalls, allowing only trusted administrative hosts.
  • Disable or limit the affected configuration functions through local settings or network policies if possible.
  • Monitor device logs and network traffic for signs of unauthorized configuration changes or anomalies.

Generated by OpenCVE AI on April 7, 2026 at 10:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 07:15:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dir-823g
Dlink dir-823g Firmware
CPEs cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-823g_firmware:1.0.2b05:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dir-823g
Dlink dir-823g Firmware

Tue, 17 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link dir-823g
Vendors & Products D-link
D-link dir-823g

Mon, 16 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Sun, 15 Mar 2026 23:15:00 +0000

Type Values Removed Values Added
Description A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Title D-Link DIR-823G goahead UpdateClientInfo access control
Weaknesses CWE-266
CWE-284
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:W/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

D-link Dir-823g
Dlink Dir-823g Dir-823g Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-16T14:40:35.349Z

Reserved: 2026-03-15T08:07:31.639Z

Link: CVE-2026-4193

cve-icon Vulnrichment

Updated: 2026-03-16T14:36:46.915Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-16T14:20:02.893

Modified: 2026-04-07T01:12:00.430

Link: CVE-2026-4193

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T20:02:33Z

Weaknesses