816A2
by Dlink
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-57683 | 0.00 | — | 0.00 | Jan 16, 2025 | An access control issue in the component websURLFilterAddDel of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the filter settings of the device via a crafted POST request. | |||
| CVE-2024-57678 | 0.00 | — | 0.00 | Jan 16, 2025 | An access control issue in the component form2WlAc.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G mac access control list of the device via a crafted POST request. | |||
| CVE-2024-57676 | 0.00 | — | 0.00 | Jan 16, 2025 | An access control issue in the component form2WlanBasicSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G wlan service of the device via a crafted POST request. | |||
| CVE-2024-57677 | 0.00 | — | 0.00 | Jan 16, 2025 | An access control issue in the component form2Wan.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request. | |||
| CVE-2024-57682 | 0.00 | — | 0.00 | Jan 16, 2025 | An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST request. | |||
| CVE-2024-57679 | 0.00 | — | 0.00 | Jan 16, 2025 | An access control issue in the component form2RepeaterSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G repeater service of the device via a crafted POST request. | |||
| CVE-2024-57681 | 0.00 | — | 0.00 | Jan 16, 2025 | An access control issue in the component form2alg.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the agl service of the device via a crafted POST request. | |||
| CVE-2024-57680 | 0.00 | — | 0.00 | Jan 16, 2025 | An access control issue in the component form2PortriggerRule.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the port trigger of the device via a crafted POST request. | |||
| CVE-2024-57684 | 0.00 | — | 0.04 | Jan 16, 2025 | An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request. |
- CVE-2024-57683Jan 16, 2025risk 0.00cvss —epss 0.00
An access control issue in the component websURLFilterAddDel of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the filter settings of the device via a crafted POST request.
- CVE-2024-57678Jan 16, 2025risk 0.00cvss —epss 0.00
An access control issue in the component form2WlAc.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G mac access control list of the device via a crafted POST request.
- CVE-2024-57676Jan 16, 2025risk 0.00cvss —epss 0.00
An access control issue in the component form2WlanBasicSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G wlan service of the device via a crafted POST request.
- CVE-2024-57677Jan 16, 2025risk 0.00cvss —epss 0.00
An access control issue in the component form2Wan.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request.
- CVE-2024-57682Jan 16, 2025risk 0.00cvss —epss 0.00
An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST request.
- CVE-2024-57679Jan 16, 2025risk 0.00cvss —epss 0.00
An access control issue in the component form2RepeaterSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G repeater service of the device via a crafted POST request.
- CVE-2024-57681Jan 16, 2025risk 0.00cvss —epss 0.00
An access control issue in the component form2alg.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the agl service of the device via a crafted POST request.
- CVE-2024-57680Jan 16, 2025risk 0.00cvss —epss 0.00
An access control issue in the component form2PortriggerRule.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the port trigger of the device via a crafted POST request.
- CVE-2024-57684Jan 16, 2025risk 0.00cvss —epss 0.04
An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request.