Sign-up

ID

VAR-202603-1841


CVE

CVE-2026-4193


DESCRIPTION

A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Trust: 1.0

sources: NVD: CVE-2026-4193

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-823gscope:eqversion:1.0.2b05

Trust: 1.0

sources: NVD: CVE-2026-4193

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2026-4193
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2026-4193
value: HIGH

Trust: 1.0

cna@vuldb.com: CVE-2026-4193
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

cna@vuldb.com: CVE-2026-4193
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 3.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2026-4193
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: NVD: CVE-2026-4193 // NVD: CVE-2026-4193

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.0

problemtype:CWE-266

Trust: 1.0

sources: NVD: CVE-2026-4193

EXTERNAL IDS

db:VULDBid:351105

Trust: 1.0

db:NVDid:CVE-2026-4193

Trust: 1.0

sources: NVD: CVE-2026-4193

REFERENCES

url:https://vuldb.com/?submit.769835

Trust: 1.0

url:https://vuldb.com/?submit.769836

Trust: 1.0

url:https://vuldb.com/?submit.769838

Trust: 1.0

url:https://vuldb.com/?submit.769841

Trust: 1.0

url:https://github.com/wudipjq/my_vuln/blob/main/d-link7/vuln_91/91.md

Trust: 1.0

url:https://vuldb.com/?id.351105

Trust: 1.0

url:https://github.com/wudipjq/my_vuln/blob/main/d-link7/vuln_92/92.md

Trust: 1.0

url:https://vuldb.com/?ctiid.351105

Trust: 1.0

url:https://vuldb.com/?submit.769837

Trust: 1.0

url:https://www.dlink.com/

Trust: 1.0

url:https://vuldb.com/?submit.769839

Trust: 1.0

sources: NVD: CVE-2026-4193

SOURCES

db:NVDid:CVE-2026-4193

LAST UPDATE DATE

2026-04-07T23:33:47.520000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2026-4193date:2026-04-07T01:12:00.430

SOURCES RELEASE DATE

db:NVDid:CVE-2026-4193date:2026-03-16T14:20:02.893