Lucene search

Dir-816 A2 Firmware Security Vulnerabilities

cve

CVE-2023-43237

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in...

9.8CVSS

7.8AI Score

0.001EPSS

2023-09-21 01:15 PM

cve

CVE-2023-43238

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in...

9.8CVSS

7.8AI Score

0.001EPSS

2023-09-21 01:15 PM

cve

CVE-2023-43239

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in...

9.8CVSS

7.8AI Score

0.001EPSS

2023-09-21 01:15 PM

cve

CVE-2023-43240

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter sip_address in...

9.8CVSS

7.8AI Score

0.001EPSS

2023-09-21 01:15 PM

cve

CVE-2023-43236

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in...

9.8CVSS

7.8AI Score

0.001EPSS

2023-09-21 01:15 PM

cve

CVE-2018-20305

D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may lead to a stack-based buffer overflow and overwrite a return...

9.8CVSS

9.3AI Score

0.013EPSS

2018-12-20 12:29 AM

cve

CVE-2018-17064

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is...

9.8CVSS

7.9AI Score

0.013EPSS

2018-09-15 09:29 PM

cve

CVE-2018-17067

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return...

9.8CVSS

8AI Score

0.004EPSS

2018-09-15 09:29 PM

cve

CVE-2018-17063

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/NTPSyncWithHost route. This could lead to command injection via shell...

9.8CVSS

8AI Score

0.013EPSS

2018-09-15 09:29 PM

cve

CVE-2018-17066

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime...

9.8CVSS

8AI Score

0.013EPSS

2018-09-15 09:29 PM

cve

CVE-2018-17065

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite the return...

9.8CVSS

8AI Score

0.004EPSS

2018-09-15 09:29 PM

cve

CVE-2018-17068

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/Diagnosis route. This could lead to command injection via shell metacharacters in the sendNum...

9.8CVSS

8AI Score

0.013EPSS

2018-09-15 09:29 PM

cve

CVE-2018-11013

Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host...

9.8CVSS

9.1AI Score

0.013EPSS

2018-05-13 03:29 PM