VYPR

DIR-816A2

by Dlink

CVEs (12)

  • CVE-2018-17064CriSep 15, 2018
    risk 0.64cvss 9.8epss 0.07

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is…

  • CVE-2023-43240Sep 21, 2023
    risk 0.05cvss epss 0.12

    D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter sip_address in ipportFilter.

  • CVE-2023-43239Sep 21, 2023
    risk 0.05cvss epss 0.12

    D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC.

  • CVE-2022-37125Aug 31, 2022
    risk 0.02cvss epss 0.03

    D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost.

  • CVE-2025-61577Oct 9, 2025
    risk 0.00cvss epss 0.05

    D-Link DIR-816A2_FWv1.10CNB05 was discovered to contain a stack overflow via the statuscheckpppoeuser parameter in the dir_setWanWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2025-45931Jun 30, 2025
    risk 0.00cvss epss 0.01

    An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in the bin/goahead file

  • CVE-2024-13108Jan 2, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. This vulnerability affects unknown code of the file /goform/form2NetSniper.cgi. The manipulation leads to improper access controls. The attack can be initiated remotely. The…

  • CVE-2024-24321Feb 8, 2024
    risk 0.00cvss epss 0.02

    An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function.

  • CVE-2023-43242Sep 21, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel.

  • CVE-2023-43236Sep 21, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi.

  • CVE-2021-27114Apr 14, 2021
    risk 0.00cvss epss 0.25

    An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/addassignment route, a very long text entry for the"'s_ip" and "s_mac" fields could lead to a Stack-Based Buffer Overflow and overwrite the return address.

  • CVE-2019-10042Mar 25, 2019
    risk 0.00cvss epss 0.02

    The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/LoadDefaultSettings to reset the router without authentication.