VYPR

Dir 816 Firmware

by Dlink

CVEs (8)

  • CVE-2026-4181CriMar 16, 2026
    risk 0.64cvss 9.8epss 0.01

    A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-based buffer overflow. The attack…

  • CVE-2026-4180HigMar 16, 2026
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument token_id leads to improper access controls. The attack may be initiated remotely. The…

  • CVE-2026-8346MedMay 12, 2026
    risk 0.41cvss 6.3epss 0.03

    A vulnerability was detected in D-Link DIR-816 1.10CNB05_R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ip_address results in command injection. The attack can be initiated remotely. The exploit is now public and may be used.

  • CVE-2026-8345MedMay 11, 2026
    risk 0.41cvss 6.3epss 0.03

    A security vulnerability has been detected in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this issue is the function sub_445E7C of the file /goform/singlePortForward. Such manipulation of the argument ip_address leads to command injection. It is possible to launch the…

  • CVE-2026-8344MedMay 11, 2026
    risk 0.41cvss 6.3epss 0.03

    A weakness has been identified in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this vulnerability is the function sub_445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been…

  • CVE-2024-22651Jan 24, 2024
    risk 0.06cvss epss 0.20

    There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04.

  • CVE-2022-40946Apr 16, 2023
    risk 0.03cvss epss 0.08

    On D-Link DIR-819 Firmware Version 1.06 Hardware Version A1 devices, it is possible to trigger a Denial of Service via the sys_token parameter in a cgi-bin/webproc?getpage=html/index.html request.

  • CVE-2025-60679Nov 13, 2025
    risk 0.00cvss epss 0.01

    A stack buffer overflow vulnerability exists in the D-Link DIR-816A2 router firmware DIR-816A2_FWv1.10CNB05_R1B011D88210.img in the upload.cgi module, which handles firmware version information. The vulnerability occurs because /proc/version is read into a 512-byte buffer and…