CVE-2023-26615
First published: Wed Jun 28 2023(Updated: )
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dlink Dir-823g Firmware | =1.02b05 | |
| Dlink Dir-823g |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-26615?
CVE-2023-26615 is a password reset vulnerability in D-Link DIR-823G firmware version 1.02B05.
How does the password reset vulnerability in D-Link DIR-823G firmware version 1.02B05 work?
The vulnerability originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.
What is the severity of CVE-2023-26615?
CVE-2023-26615 has a severity of 7.5 (high).
Is D-Link DIR-823G firmware version 1.02B05 vulnerable?
Yes, D-Link DIR-823G firmware version 1.02B05 is vulnerable to CVE-2023-26615.
How can I fix the password reset vulnerability in D-Link DIR-823G firmware version 1.02B05?
There is currently no official fix or patch available for CVE-2023-26615. It is recommended to update to the latest firmware version when it becomes available.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- vendor/dlink
- canonical/dlink dir-823g firmware
- version/dlink dir-823g firmware/1.02b05
- canonical/dlink dir-823g