DIR-806

CVEs (8)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2025-15391	Dlink DIR-806	Med	0.41	6.3	0.00	Dec 31, 2025	A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgi_main of the component SSDP Request Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could…
CVE-2019-10891	Dlink DIR-806		0.03	—	0.43	Sep 6, 2019	An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnap_main, which calls system() without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP…
CVE-2024-0717	Dlink DIR-300		0.02	—	0.28	Jan 19, 2024	A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S,…
CVE-2025-4340	Dlink DIR-890L		0.00	—	0.03	May 6, 2025	A vulnerability classified as critical has been found in D-Link DIR-890L and DIR-806A1 up to 100CNb11/108B03. Affected is the function sub_175C8 of the file /htdocs/soap.cgi. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit…
CVE-2023-43130	Dlink DIR-806		0.00	—	0.01	Sep 22, 2023	D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection.
CVE-2023-43129	Dlink DIR-806		0.00	—	0.01	Sep 22, 2023	D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of REMOTE_PORT parameters.
CVE-2023-43128	Dlink DIR-806		0.00	—	0.01	Sep 21, 2023	D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of HTTP_ST parameters.
CVE-2019-10892	Dlink DIR-806		0.00	—	0.01	Sep 6, 2019	An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnap_main at /htdocs/cgibin. The function will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users. And it…

CVE-2025-15391MedDec 31, 2025
Dlink
DIR-806
risk 0.41cvss 6.3epss 0.00
A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgi_main of the component SSDP Request Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could…
CVE-2019-10891Sep 6, 2019
Dlink
DIR-806
risk 0.03cvss —epss 0.43
An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnap_main, which calls system() without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP…
CVE-2024-0717Jan 19, 2024
Dlink
DIR-300
risk 0.02cvss —epss 0.28
A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S,…
CVE-2025-4340May 6, 2025
Dlink
DIR-890L
risk 0.00cvss —epss 0.03
A vulnerability classified as critical has been found in D-Link DIR-890L and DIR-806A1 up to 100CNb11/108B03. Affected is the function sub_175C8 of the file /htdocs/soap.cgi. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit…
CVE-2023-43130Sep 22, 2023
Dlink
DIR-806
risk 0.00cvss —epss 0.01
D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection.
CVE-2023-43129Sep 22, 2023
Dlink
DIR-806
risk 0.00cvss —epss 0.01
D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of REMOTE_PORT parameters.
CVE-2023-43128Sep 21, 2023
Dlink
DIR-806
risk 0.00cvss —epss 0.01
D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of HTTP_ST parameters.
CVE-2019-10892Sep 6, 2019
Dlink
DIR-806
risk 0.00cvss —epss 0.01
An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnap_main at /htdocs/cgibin. The function will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users. And it…