ID

VAR-202603-1841


CVE

CVE-2026-4193


TITLE

D-Link Corporation of DIR-823G  Multiple vulnerabilities in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2026-010188

DESCRIPTION

A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer. In addition, information handled by the software will not be rewritten. Furthermore, the software will not stop. Furthermore, attacks exploiting this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2026-4193 // JVNDB: JVNDB-2026-010188

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-823gscope:eqversion:1.0.2b05

Trust: 1.0

vendor:d linkmodel:dir-823gscope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-823gscope:eqversion:dir-823g firmware 1.0.2b05

Trust: 0.8

vendor:d linkmodel:dir-823gscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2026-010188 // NVD: CVE-2026-4193

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2026-4193
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2026-4193
value: HIGH

Trust: 1.0

OTHER: JVNDB-2026-010188
value: HIGH

Trust: 0.8

cna@vuldb.com: CVE-2026-4193
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2026-010188
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

cna@vuldb.com: CVE-2026-4193
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 3.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2026-4193
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: JVNDB-2026-010188
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2026-010188 // NVD: CVE-2026-4193 // NVD: CVE-2026-4193

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.0

problemtype:CWE-266

Trust: 1.0

problemtype:Improper permission settings (CWE-266) [ others ]

Trust: 0.8

problemtype: Inappropriate access control (CWE-284) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2026-010188 // NVD: CVE-2026-4193

PATCH

title:httpsurl:https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_91/91.md

Trust: 0.8

sources: JVNDB: JVNDB-2026-010188

EXTERNAL IDS

db:NVDid:CVE-2026-4193

Trust: 2.6

db:VULDBid:351105

Trust: 1.0

db:JVNDBid:JVNDB-2026-010188

Trust: 0.8

sources: JVNDB: JVNDB-2026-010188 // NVD: CVE-2026-4193

REFERENCES

url:https://www.dlink.com/

Trust: 1.8

url:https://vuldb.com/?submit.769837

Trust: 1.0

url:https://vuldb.com/?submit.769836

Trust: 1.0

url:https://github.com/wudipjq/my_vuln/blob/main/d-link7/vuln_92/92.md

Trust: 1.0

url:https://github.com/wudipjq/my_vuln/blob/main/d-link7/vuln_91/91.md

Trust: 1.0

url:https://vuldb.com/?submit.769838

Trust: 1.0

url:https://vuldb.com/?id.351105

Trust: 1.0

url:https://vuldb.com/?ctiid.351105

Trust: 1.0

url:https://vuldb.com/?submit.769841

Trust: 1.0

url:https://vuldb.com/?submit.769839

Trust: 1.0

url:https://vuldb.com/?submit.769835

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2026-4193

Trust: 0.8

sources: JVNDB: JVNDB-2026-010188 // NVD: CVE-2026-4193

SOURCES

db:JVNDBid:JVNDB-2026-010188
db:NVDid:CVE-2026-4193

LAST UPDATE DATE

2026-06-18T21:48:36.183000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2026-010188date:2026-04-08T01:52:00
db:NVDid:CVE-2026-4193date:2026-04-29T01:00:01.613

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2026-010188date:2026-04-08T00:00:00
db:NVDid:CVE-2026-4193date:2026-03-16T14:20:02.893