17 matches found
CVE-2022-43003
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function...
D-Link DIR-816 A2 缓冲区错误漏洞
The D-Link DIR-816 A2 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which originates from a stack overflow in the pskValue parameter of the setSecurity function...
D-Link DIR-816 A2 缓冲区错误漏洞
The D-Link DIR-816 A2 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which originates from a stack overflow in the pskValue parameter of the setRepeaterSecurity function...
D-Link DIR-816 A2 缓冲区错误漏洞
The D-Link DIR-816 A2 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which originates from a stack overflow in the srcip parameter of /goform/form2IPQoSTcAdd...
CVE-2022-43001
CVE-2022-43001 affects D-Link DIR-816 A2, version 1.10 B05, with a stack overflow in the setSecurity function’s pskValue parameter. The vulnerability is documented with a high-impact CVSS v3.1 score (9.8, CRITICAL) across network attack vector, no user interaction, and impacts to confidentiality,...
CVE-2022-43002
The CVE-2022-43002 entry concerns a D-Link DIR-816 A2 device with firmware 1.10 B05 (noted in multiple sources). The vulnerability is a stack overflow in the wizardstep54_pskpwd parameter handled by /goform/form2WizardStep54, affecting the network-facing form. CVSS metrics indicate a CRITICAL imp...
D-Link DIR-816 Stack Buffer Overflow Vulnerability
The D-Link DIR-816 is a wireless AC750 dual-band router. A stack buffer overflow vulnerability exists in the handler function of /goform/addassignment in the D-Link DIR-816 A2 version 1.10 B05. An attacker can exploit the vulnerability by entering long text in the sip and smac fields to cause the...
D-Link DIR-816 Command Injection Vulnerability (CNVD-2019-02398)
D-Link DIR-816 is a home router product from AUO. A command injection vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which stems from the program's use of the 'datetime' parameter value to construct the 'date -s "%s"' command, which can be exploited by an attacker to this...
Command injection
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime parameter...
Stack overflow
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address...
CVE-2018-17068
An explicit vulnerability entry exists for D-Link DIR-816 A2 with firmware 1.10 B05 (DIR-816) where the HTTP /goform/Diagnosis handler builds a command string using the sendNum parameter, enabling command injection via shell metacharacters. Connected CNVD/CVEs reiterate that this is a command-inj...
CVE-2018-17063
CVE-2018-17063 affects D‑Link DIR-816 A2 firmware 1.10 B05. In the NTPSyncWithHost handler, an HTTP request parameter is used to construct a shell command, enabling command injection via shell metacharacters . A remote attacker could potentially execute arbitrary commands on the device. Public so...
CVE-2018-17065
CVE-2018-17065 affects D-Link DIR-816 A2 (firmware 1.10 B05). The flaw is a stack-based buffer overflow in the /goform/DDNS handler caused by processing very long passwords, which can overwrite the return address. Connected sources corroborate the affected product and vulnerability class. No offi...
PT-2018-3882 · D Link · D-Link Dir-816 A2
Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: The issue is related to a stack-based buffer overflow in the handler function of the "/goform/DDNS" route. This overflow can occur when a very long password is used, potentially allowing an...
PT-2018-3881 · D Link · D-Link Dir-816 A2
Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: An issue exists in the handler function of the "/goform/form2systime.cgi" route, where an HTTP request parameter is used in command string construction. This could lead to command injection via...
PT-2018-3883 · D Link · D-Link Dir-816 A2
Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: An issue exists due to the lack of neutralization of special elements used in the command string construction within the handler function of the "/goform/sylogapply" route. This could lead to...
PT-2018-3880 · D Link · D-Link Dir-816 A2
Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: The issue is related to a stack-based buffer overflow that can occur when a very long password is sent to the /goform/formLogin endpoint. This can lead to overwriting the return address. The...