Dir\-816_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Dir\-816_firmware
(Dlink)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	54

Date	Id	Summary	Products	Score	Patch	Annotated
2022-08-31	CVE-2022-36620	D-link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img is vulnerable to Buffer Overflow via /goform/addRouting.	Dir\-816_firmware	7.5
2022-08-31	CVE-2022-37125	D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost.	Dir\-816_firmware	9.8
2022-08-31	CVE-2022-36619	In D-link DIR-816 A2_v1.10CNB04.img,the network can be reset without authentication via /goform/setMAC.	Dir\-816_firmware	7.5
2022-08-31	CVE-2022-37123	D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/form2userconfig.cgi.	Dir\-816_firmware	8.8
2022-08-31	CVE-2022-37129	D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Command Injection via /goform/SystemCommand. After the user passes in the command parameter, it will be spliced into byte_4836B0 by snprintf, and finally doSystem(&byte_4836B0); will be executed, resulting in a command injection.	Dir\-816_firmware	8.8
2022-08-31	CVE-2022-37130	In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability	Dir\-816_firmware	9.8
2023-09-12	CVE-2023-39637	D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis.	Dir\-816_firmware	9.8
2024-01-19	CVE-2024-0717	A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W,...	Dap\-1360_firmware, Dir\-1210_firmware, Dir\-1260_firmware, Dir\-2150_firmware, Dir\-300_firmware, Dir\-615_firmware, Dir\-615gf_firmware, Dir\-615s_firmware, Dir\-615t_firmware, Dir\-620_firmware, Dir\-620s_firmware, Dir\-806a_firmware, Dir\-815\/ac_firmware, Dir\-815_firmware, Dir\-815s_firmware, Dir\-816_firmware, Dir\-820_firmware, Dir\-822_firmware, Dir\-825_firmware, Dir\-825ac_firmware, Dir\-825acf_firmware, Dir\-825acg1_firmware, Dir\-841_firmware, Dir\-842_firmware, Dir\-842s_firmware, Dir\-843_firmware, Dir\-853_firmware, Dir\-878_firmware, Dir\-882_firmware, Dir\-X1530_firmware, Dir\-X1860_firmware, Dsl\-224_firmware, Dsl\-245gr_firmware, Dsl\-2640u_firmware, Dsl\-2750u_firmware, Dsl\-G2452gr_firmware, Dvg\-5402g\/gfru_firmware, Dvg\-5402g_firmware, Dvg\-N5402g\/il_firmware, Dvg\-N5402g_firmware, Dwm\-312w_firmware, Dwm\-321_firmware, Dwr\-921_firmware, Dwr\-953_firmware	5.3
2024-02-08	CVE-2024-24321	An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function.	Dir\-816_firmware	9.8
2019-03-25	CVE-2019-7642	D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10).	Dir\-816_firmware, Dir\-816l_firmware, Dir\-817lw_firmware, Dir\-850l_firmware, Dir\-868l_firmware	7.5