3 matches found
CVE-2022-43001
CVE-2022-43001 affects D-Link DIR-816 A2, version 1.10 B05, with a stack overflow in the setSecurity function’s pskValue parameter. The vulnerability is documented with a high-impact CVSS v3.1 score (9.8, CRITICAL) across network attack vector, no user interaction, and impacts to confidentiality,...
Command injection
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime parameter...
CVE-2018-17063
CVE-2018-17063 affects D‑Link DIR-816 A2 firmware 1.10 B05. In the NTPSyncWithHost handler, an HTTP request parameter is used to construct a shell command, enabling command injection via shell metacharacters . A remote attacker could potentially execute arbitrary commands on the device. Public so...