The vulnerability of the setipsec_config() function (/goform/setipsec_config) in D-Link DIR-816 router software allows a hacker to execute arbitrary commands.

The vulnerability of the setipsecconfig function /goform/setipsecconfig of the D-Link DIR-816 router’s microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command for processing parameters localIP and remoteIP...

D-Link DIR-816 /goform/setipsec_config File Command Injection Vulnerability

The D-Link DIR-816 is a wireless router from China's AUO D-Link. The D-Link DIR-816 suffers from a command injection vulnerability that stems from the parameter localIP/remoteIP in the file /goform/setipsecconfig failing to correctly filter constructed command special characters, commands, and so...

CVE-2025-5620

A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected is the function setipsecconfig of the file /goform/setipsecconfig. The manipulation of the argument localIP/remoteIP leads to os command injection. It is possible to launch the attack remotely. The...

D-Link DIR-816 安全漏洞

The D-Link DIR-816 is a wireless router from China's AUO D-Link. The D-Link DIR-816 suffers from a command injection vulnerability that stems from the parameter localIP/remoteIP in the file /goform/setipsecconfig failing to correctly filter constructed command special characters, commands, and so...