Dir-816 Firmware Security Vulnerabilities and Issues — Dir-816 Firmware CVE List

Lucene search

DlinkDir-816 Firmware

6 matches found

CVE•added 2022/10/26 7:15 p.m.•54 views

CVE-2022-42999

D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm.

7.5CVSS8AI score0.01946EPSS

CVE•added 2022/08/31 9:15 p.m.•51 views

CVE-2022-36620

D-link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img is vulnerable to Buffer Overflow via /goform/addRouting.

7.5CVSS7.5AI score0.00498EPSS

CVE•added 2019/03/25 10:29 p.m.•44 views

CVE-2019-7642

D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-...

7.5CVSS7.6AI score0.1087EPSS

CVE•added 2022/08/31 11:15 p.m.•43 views

CVE-2022-36619

In D-link DIR-816 A2_v1.10CNB04.img,the network can be reset without authentication via /goform/setMAC.

7.5CVSS7.7AI score0.0028EPSS

CVE•added 2022/08/22 3:15 p.m.•43 views

CVE-2022-37133

D-link DIR-816 A2_v1.10CNB04.img reboots the router without authentication via /goform/doReboot. No authentication is required, and reboot is executed when the function returns at the end.

7.5CVSS7.7AI score0.0018EPSS

CVE•added 2019/03/25 7:29 p.m.•37 views

CVE-2019-10042

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/LoadDefaultSettings to reset the router without authentication.

7.8CVSS7.4AI score0.00657EPSS