CVE-2026-4193

Description

A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

PUBLISHED Reserved 2026-03-15 | Published 2026-03-15 | Updated 2026-03-16 | Assigner VulDB

Problem types

Improper Access Controls

Incorrect Privilege Assignment

Product status

Timeline

Credits

pjqwudi (VulDB User) reporter

References

vuldb.com/?id.351105 (VDB-351105 | D-Link DIR-823G goahead UpdateClientInfo access control) vdb-entry technical-description

vuldb.com/?ctiid.351105 (VDB-351105 | CTI Indicators (IOB, IOC, TTP, IOA)) signature permissions-required

vuldb.com/?submit.769835 (Submit #769835 | D-Link 1.0.2B05 Improper Access Controls) third-party-advisory

vuldb.com/?submit.769836 (Submit #769836 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)) third-party-advisory

vuldb.com/?submit.769837 (Submit #769837 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)) third-party-advisory

vuldb.com/?submit.769838 (Submit #769838 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)) third-party-advisory

vuldb.com/?submit.769839 (Submit #769839 | D-Link DIR823G 1.0.2B05 Stack-based Buffer Overflow (Duplicate)) third-party-advisory

vuldb.com/?submit.769841 (Submit #769841 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)) third-party-advisory

github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_91/91.md related

github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_92/92.md exploit

www.dlink.com/ product

cve.org (CVE-2026-4193)

nvd.nist.gov (CVE-2026-4193)

Download JSON