19 matches found
D-Link DIR-816L Buffer Overflow Vulnerability
The DIR-816L is a wireless router device from D-Link. A stack-based buffer overflow vulnerability exists in the D-Link DIR-816L version 206b09beta, which stems from the genacgimain function in the gena.cgi file improperly handling the SERVERID/HTTPSID parameter. An attacker could use this...
CVE-2025-13191
A vulnerability was determined in D-Link DIR-816L 206b09beta. This issue affects the function soapcgimain of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This...
D-Link DIR-816L 安全漏洞
The DIR-816L is a wireless router device from D-Link. A stack-based buffer overflow vulnerability exists in the D-Link DIR-816L version 206b09beta, which stems from the genacgimain function in the gena.cgi file improperly handling the SERVERID/HTTPSID parameter. An attacker could use this...
CVE-2025-13188 D-Link DIR-816L authentication.cgi authenticationcgi_main stack-based overflow
A vulnerability was detected in D-Link DIR-816L 206b09beta. Affected by this vulnerability is the function authenticationcgimain of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible...
VulnCheck KEV: CVE-2022-28956
An issue in the getcfg.php component of D-Link DIR816LFW206b01 allows attackers to access the device via a crafted payload...
CVE-2022-28955
An access control issue in D-Link DIR816LFW206b01 allows unauthenticated attackers to access folders folderview.php and categoryview.php...
D-Link DIR816L Command Injection (CVE-2022-28915; CVE-2022-28958; CVE-2022-37123; CVE-2022-37125; CVE-2022-37129)
A command injection vulnerability exists in D-Link DIR816L. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
The vulnerability of the shareport.php component in D-Link DIR816L router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the shareport.php component in D-Link DIR816L router microprogramming software is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through the value parameter in the shareport.php file...
The vulnerability of the getcfg.php file in D-Link DIR816L router microprogramming software allows a hacker to gain access to the device.
The vulnerability of the getcfg.php file in D-Link DIR816L router microprogramming software is related to errors in the code. Exploiting this vulnerability can allow an attacker to gain access to the device through a specially created malicious load...
D-Link DIR816 Access Control Error Vulnerability
The D-Link DIR816 is a wireless router from AUO D-Link of Taiwan, China. The D-Link DIR816L suffers from an Access Control Error vulnerability that stems from improper access control. An unauthenticated attacker could use this vulnerability to gain access to the folders folderview.php and...
D-Link DIR816L Remote Code Execution Vulnerability
The D-Link DIR816 is a dual-band router. A remote code execution vulnerability exists in D-Link DIR816LFW206b01, which stems from the value parameter of shareport.php failing to properly filter special elements of the constructed snippet. An attacker can exploit this vulnerability to cause...
CVE-2022-28955
An access control issue in D-Link DIR816LFW206b01 allows unauthenticated attackers to access folders folderview.php and categoryview.php...
CVE-2022-28956
An issue in the getcfg.php component of D-Link DIR816LFW206b01 allows attackers to access the device via a crafted payload...
CVE-2022-28956
An issue in the getcfg.php component of D-Link DIR816LFW206b01 allows attackers to access the device via a crafted payload...
CVE-2022-28955
An access control issue in D-Link DIR816LFW206b01 allows unauthenticated attackers to access folders folderview.php and categoryview.php...
CVE-2022-28956
CVE-2022-28956 affects the D-Link DIR816L router, specifically the getcfg.php component in firmware FW206b01. The root cause is described as errors in the getcfg.php code that allow an unauthenticated attacker to access the device via a crafted payload, with impact described as partial confidenti...
CVE-2022-28955
D-Link DIR816L_FW206b01 is affected by CVE-2022-28955 (improper access control). The Nuclei template confirms unauthenticated access to folders folder_view.php and category_view.php, enabling potential exposure of sensitive information, data modification, or unauthorized operations. Root cause: i...
PT-2022-2698 · D Link · D-Link Dir-816L
Name of the Vulnerable Software and Affected Versions: D-Link DIR816L versions FW206b01 Description: The issue is related to the getcfg.php component and is caused by errors in the code. It allows attackers to access the device by using a specially crafted payload. Recommendations: For D-Link...
CVE-2020-15895
An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT parameter, before it's printed on the webpage...