Latest dlink dir-816 firmware Vulnerabilities

CVE-2024-24321
An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function.
Dlink Dir-816 Firmware=1.10cnb05
Dlink DIR-816=a2
CVE-2024-0717
D-Link Good Line Router v2 HTTP GET Request devinfo information disclosure
<=2024-01-12
<=2024-01-12
<=2024-01-12
and 82 more
CVE-2023-39637
D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis.
Dlink Dir-816 Firmware=1.10b05
Dlink DIR-816=a2
CVE-2022-43003
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function.
Dlink Dir-816 Firmware=1.10b05
Dlink DIR-816=a2
CVE-2022-43002
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep54_pskpwd parameter at /goform/form2WizardStep54.
Dlink Dir-816 Firmware=1.10b05
Dlink DIR-816=a2
CVE-2022-42999
D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm.
Dlink Dir-816 Firmware=1.10b05
Dlink DIR-816=a2
CVE-2022-43001
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity function.
Dlink Dir-816 Firmware=1.10b05
Dlink DIR-816=a2
CVE-2022-43000
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/form2WizardStep4.
Dlink Dir-816 Firmware=1.10b05
Dlink DIR-816=a2
CVE-2022-42998
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd.
Dlink Dir-816 Firmware=1.10b05
Dlink DIR-816=a2
CVE-2022-37123
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/form2userconfig.cgi.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-37130
In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, a...
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-36619
In D-link DIR-816 A2_v1.10CNB04.img,the network can be reset without authentication via /goform/setMAC.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-37129
D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Command Injection via /goform/SystemCommand. After the user passes in the command parameter, it will be spliced into byte_4836B0 by snprintf, and fina...
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-37125
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-36620
D-link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img is vulnerable to Buffer Overflow via /goform/addRouting.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-37128
In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-37134
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and the result will be stored in v94, which doe...
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-37133
D-link DIR-816 A2_v1.10CNB04.img reboots the router without authentication via /goform/doReboot. No authentication is required, and reboot is executed when the function returns at the end.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-29324
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-29326
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-29321
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-29325
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-29322
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-29323
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-29327
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2022-28915
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm.
Dlink Dir-816 Firmware=1.10cnb04
Dlink DIR-816=a2
CVE-2021-31326
D-Link DIR-816 A2 1.10 B05 allows unauthenticated attackers to arbitrarily reset the device via a crafted tokenid parameter to /goform/form2Reboot.cgi.
Dlink Dir-816 Firmware=1.10cnb05
Dlink DIR-816=a2
CVE-2021-39510
An issue was discovered in D-Link DIR816_A1_FW101CNB04 750m11ac wireless router, The HTTP request parameter is used in the handler function of /goform/form2userconfig.cgi route, which can construct th...
Dlink Dir-816 Firmware=101cnb04
Dlink DIR-816=a1
CVE-2021-39509
An issue was discovered in D-Link DIR-816 DIR-816A2_FWv1.10CNB05_R1B011D88210 The HTTP request parameter is used in the handler function of /goform/form2userconfig.cgi route, which can construct the u...
Dlink Dir-816 Firmware=1.10cnb05_r1b011d88210
Dlink DIR-816=a2
CVE-2021-27114
An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/addassignment route, a very long text entry for the"'s_ip" and "s_mac" fields could lead to a ...
Dlink Dir-816 Firmware=1.10b05
Dlink DIR-816=a2
CVE-2021-27113
An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/addRouting route. This could ...
Dlink Dir-816 Firmware=1.10b05
Dlink DIR-816=a2
CVE-2021-26810
D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request parameter can be used in command string construction in the handler function of the /goform/dir_setWanWifi...
Dlink Dir-816 Firmware=1.10b05
Dlink DIR-816=a2
CVE-2019-7642
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include b...
Dlink Dir-817lw Firmware=1.04
Dlink Dir-817lw=a1
Dlink Dir-816l Firmware=2.06
Dlink Dir-816l=b1
Dlink Dir-816 Firmware=2.06
Dlink DIR-816=b1
and 4 more
CVE-2019-10039
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/setSysAdm to edit the web...
Dlink Dir-816 Firmware=1.11
Dlink DIR-816=a2
CVE-2019-10042
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/LoadDefaultSettings to re...
Dlink Dir-816 Firmware=1.11
Dlink DIR-816=a2
CVE-2019-10041
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/form2userconfig.cgi to ed...
Dlink Dir-816 Firmware=1.11
Dlink DIR-816=a2
CVE-2019-10040
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use a hidden API URL /goform/SystemCommand to ex...
Dlink Dir-816 Firmware=1.11
Dlink DIR-816=a2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203