EUVD-2022-39787

Malicious code in bioql PyPI...

The vulnerability in the form2Wan.cgi script of the D-Link DIR-816A router’s software allows a hacker to execute arbitrary code.

The vulnerability of the form2Wan.cgi script in the D-Link DIR-816A2 router software is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTTP POST request...

CVE-2024-57677

An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...

D-Link DIR-816 安全漏洞

The D-Link DIR-816A2 is a router from China's AUO D-Link. The D-Link DIR-816A2 suffers from an Access Control Error vulnerability that stems from improper access control of the form2Wan.cgi component, which can be exploited by an unauthenticated attacker to set up WAN services via a specially...

PT-2025-3535 · D Link · D-Link 816

Name of the Vulnerable Software and Affected Versions: D-Link 816A2 FWv1.10CNB05 R1B011D88210 Description: An access control issue in the component form2Wan.cgi of D-Link devices allows unauthenticated attackers to configure the WAN service of the device via a crafted POST request to the...

CVE-2022-37134

D-link DIR-816 A2v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tpusrname will be decrypted by base64, and the result will be stored in v94, which does not check the size of l2tpusrname, resulting in stack overflow...