17 matches found
D-Link DIR-816L Buffer Overflow Vulnerability
The DIR-816L is a wireless router device from D-Link. A stack-based buffer overflow vulnerability exists in the D-Link DIR-816L version 206b09beta, which stems from the genacgimain function in the gena.cgi file improperly handling the SERVERID/HTTPSID parameter. An attacker could use this...
CVE-2025-13191
A vulnerability was determined in D-Link DIR-816L 206b09beta. This issue affects the function soapcgimain of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This...
D-Link DIR-816L 安全漏洞
The DIR-816L is a wireless router device from D-Link. A stack-based buffer overflow vulnerability exists in the D-Link DIR-816L version 206b09beta, which stems from the genacgimain function in the gena.cgi file improperly handling the SERVERID/HTTPSID parameter. An attacker could use this...
CVE-2025-13188 D-Link DIR-816L authentication.cgi authenticationcgi_main stack-based overflow
A vulnerability was detected in D-Link DIR-816L 206b09beta. Affected by this vulnerability is the function authenticationcgimain of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible...
VulnCheck KEV: CVE-2022-28956
An issue in the getcfg.php component of D-Link DIR816LFW206b01 allows attackers to access the device via a crafted payload...
CVE-2022-28955
An access control issue in D-Link DIR816LFW206b01 allows unauthenticated attackers to access folders folderview.php and categoryview.php...
D-Link DIR816L Command Injection (CVE-2022-28915; CVE-2022-28958; CVE-2022-37123; CVE-2022-37125; CVE-2022-37129)
A command injection vulnerability exists in D-Link DIR816L. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
D-Link DIR816 Access Control Error Vulnerability
The D-Link DIR816 is a wireless router from AUO D-Link of Taiwan, China. The D-Link DIR816L suffers from an Access Control Error vulnerability that stems from improper access control. An unauthenticated attacker could use this vulnerability to gain access to the folders folderview.php and...
D-Link DIR816L Remote Code Execution Vulnerability
The D-Link DIR816 is a dual-band router. A remote code execution vulnerability exists in D-Link DIR816LFW206b01, which stems from the value parameter of shareport.php failing to properly filter special elements of the constructed snippet. An attacker can exploit this vulnerability to cause...
CVE-2022-28956
An issue in the getcfg.php component of D-Link DIR816LFW206b01 allows attackers to access the device via a crafted payload...
CVE-2022-28955
An access control issue in D-Link DIR816LFW206b01 allows unauthenticated attackers to access folders folderview.php and categoryview.php...
CVE-2022-28955
An access control issue in D-Link DIR816LFW206b01 allows unauthenticated attackers to access folders folderview.php and categoryview.php...
CVE-2022-28956
An issue in the getcfg.php component of D-Link DIR816LFW206b01 allows attackers to access the device via a crafted payload...
CVE-2022-28956
CVE-2022-28956 affects D-Link DIR816L_FW206b01: the getcfg.php component can be abused with a crafted payload to access the device. CVSSv3.1 shows 9.8 (CRITICAL) with network attack, no authentication, and high impact on confidentiality, integrity, and availability. Exploitation details aren’t pr...
CVE-2022-28955
D-Link DIR816L_FW206b01 is affected by CVE-2022-28955 (improper access control). The Nuclei template confirms unauthenticated access to folders folder_view.php and category_view.php, enabling potential exposure of sensitive information, data modification, or unauthorized operations. Root cause: i...
PT-2022-2698 · D Link · D-Link Dir-816L
Name of the Vulnerable Software and Affected Versions: D-Link DIR816L versions FW206b01 Description: The issue is related to the getcfg.php component and is caused by errors in the code. It allows attackers to access the device by using a specially crafted payload. Recommendations: For D-Link...
CVE-2020-15895
An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT parameter, before it's printed on the webpage...