Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dir\-816_firmware
(Dlink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 54 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-01-16 | CVE-2024-57677 | An access control issue in the component form2Wan.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request. | Dir\-816_firmware | N/A | ||
| 2025-01-16 | CVE-2024-57678 | An access control issue in the component form2WlAc.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G mac access control list of the device via a crafted POST request. | Dir\-816_firmware | N/A | ||
| 2025-01-16 | CVE-2024-57679 | An access control issue in the component form2RepeaterSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G repeater service of the device via a crafted POST request. | Dir\-816_firmware | N/A | ||
| 2025-01-16 | CVE-2024-57680 | An access control issue in the component form2PortriggerRule.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the port trigger of the device via a crafted POST request. | Dir\-816_firmware | N/A | ||
| 2025-01-16 | CVE-2024-57681 | An access control issue in the component form2alg.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the agl service of the device via a crafted POST request. | Dir\-816_firmware | N/A | ||
| 2025-01-16 | CVE-2024-57682 | An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST request. | Dir\-816_firmware | N/A | ||
| 2025-01-16 | CVE-2024-57683 | An access control issue in the component websURLFilterAddDel of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the filter settings of the device via a crafted POST request. | Dir\-816_firmware | N/A | ||
| 2025-01-16 | CVE-2024-57684 | An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request. | Dir\-816_firmware | N/A | ||
| 2025-04-22 | CVE-2025-29743 | D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting. | Dir\-816_firmware | N/A | ||
| 2021-03-30 | CVE-2021-26810 | D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request parameter can be used in command string construction in the handler function of the /goform/dir_setWanWifi, which can lead to command injection via shell metacharacters in the statuscheckpppoeuser parameter. | Dir\-816_firmware | 9.8 |