Dir-816 A2 Firmware Security Vulnerabilities and Issues — Dir-816 A2 Firmware CVE List

Lucene search

DlinkDir-816 A2 Firmware

14 matches found

CVE•added 2023/09/21 1:15 p.m.•98 views

CVE-2023-43238

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi.

9.8CVSS9.6AI score0.01914EPSS

CVE•added 2023/09/21 1:15 p.m.•93 views

CVE-2023-43240

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter sip_address in ipportFilter.

9.8CVSS9.6AI score0.01914EPSS

CVE•added 2025/05/01 2:15 p.m.•53 views

CVE-2025-44835

D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which allows remote attackers to execute arbitrary commands via shell.

6.3CVSS8.2AI score0.02929EPSS

CVE•added 2023/09/21 1:15 p.m.•45 views

CVE-2023-43237

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in setMAC.

9.8CVSS9.6AI score0.01914EPSS

CVE•added 2023/09/21 1:15 p.m.•44 views

CVE-2023-43236

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi.

9.8CVSS9.6AI score0.01914EPSS

CVE•added 2023/09/21 1:15 p.m.•41 views

CVE-2023-43239

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC.

9.8CVSS9.6AI score0.01914EPSS

CVE•added 2023/09/21 1:15 p.m.•41 views

CVE-2023-43242

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel.

9.8CVSS9.6AI score0.01914EPSS

CVE•added 2024/01/26 2:15 p.m.•37 views

CVE-2024-0921

A vulnerability has been found in D-Link DIR-816 A2 1.10CNB04 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setDeviceSettings of the component Web Interface. The manipulation of the argument statuscheckpppoeuser leads to os command inject...

9.8CVSS9.8AI score0.22534EPSS

CVE•added 2018/09/15 9:29 p.m.•35 views

CVE-2018-17064

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is invoked.

10CVSS9.6AI score0.14541EPSS

CVE•added 2018/09/15 9:29 p.m.•35 views

CVE-2018-17065

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite the return address.

10CVSS9.6AI score0.007EPSS

CVE•added 2018/09/15 9:29 p.m.•35 views

CVE-2018-17067

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address.

10CVSS9.6AI score0.007EPSS

CVE•added 2018/09/15 9:29 p.m.•34 views

CVE-2018-17066

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime parameter.

10CVSS9.6AI score0.2949EPSS

CVE•added 2018/09/15 9:29 p.m.•32 views

CVE-2018-17063

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/NTPSyncWithHost route. This could lead to command injection via shell metacharacters.

10CVSS9.6AI score0.14541EPSS

CVE•added 2018/09/15 9:29 p.m.•28 views

CVE-2018-17068

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/Diagnosis route. This could lead to command injection via shell metacharacters in the sendNum parameter.

10CVSS9.6AI score0.14541EPSS