D-Link Dir-816 vulnerabilities

13 known vulnerabilities affecting d-link/dir-816.

Total CVEs
13
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH4MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2026-4183HIGHCVSS 8.9v1.10CNB052026-03-16
CVE-2026-4183 [HIGH] CWE-119 CVE-2026-4183: A security vulnerability has been detected in D-Link DIR-816 1.10CNB05. Affected is an unknown funct A security vulnerability has been detected in D-Link DIR-816 1.10CNB05. Affected is an unknown function of the file /goform/form2WlanBasicSetup.cgi of the component goahead. Such manipulation of the argument pskValue leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. This v
cvelistv5nvd
CVE-2026-4184HIGHCVSS 8.9v1.10CNB052026-03-16
CVE-2026-4184 [HIGH] CWE-119 CVE-2026-4184: A vulnerability was detected in D-Link DIR-816 1.10CNB05. Affected by this vulnerability is an unkno A vulnerability was detected in D-Link DIR-816 1.10CNB05. Affected by this vulnerability is an unknown functionality of the file /goform/form2Wl5BasicSetup.cgi of the component goahead. Performing a manipulation of the argument pskValue results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public a
cvelistv5nvd
CVE-2026-4181HIGHCVSS 8.9v1.10CNB052026-03-16
CVE-2026-4181 [HIGH] CWE-119 CVE-2026-4181: A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and m
cvelistv5nvd
CVE-2026-4182HIGHCVSS 8.9v1.10CNB052026-03-16
CVE-2026-4182 [HIGH] CWE-119 CVE-2026-4182: A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of the A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of the file /goform/form2Wl5RepeaterStep2.cgi of the component goahead. This manipulation of the argument key1/key2/key3/key4/pskValue causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the pu
cvelistv5nvd
CVE-2026-4180MEDIUMCVSS 6.9v1.10CNB052026-03-16
CVE-2026-4180 [MEDIUM] CWE-266 CVE-2026-4180: A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown funct A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument token_id leads to improper access controls. The attack may be initiated remotely. The exploit is publicly available and might be used. This vulnerability only affect
cvelistv5nvd
CVE-2025-5624CRITICALCVSS 9.3v1.10CNB052025-06-05
CVE-2025-5624 [CRITICAL] CWE-119 CVE-2025-5624: A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This vulner A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This vulnerability affects the function QoSPortSetup of the file /goform/QoSPortSetup. The manipulation of the argument port0_group/port0_remarker/ssid0_group/ssid0_remarker leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit
cvelistv5nvd
CVE-2025-5622CRITICALCVSS 9.3v1.10CNB052025-06-05
CVE-2025-5622 [CRITICAL] CWE-119 CVE-2025-5622: A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this i A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli_5g of the file /goform/wirelessApcli_5g. The manipulation of the argument apcli_mode_5g/apcli_enc_5g/apcli_default_key_5g leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has bee
cvelistv5nvd
CVE-2025-5623CRITICALCVSS 9.3v1.10CNB052025-06-05
CVE-2025-5623 [CRITICAL] CWE-119 CVE-2025-5623: A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This affe A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This affects the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ
cvelistv5nvd
CVE-2025-5630CRITICALCVSS 9.3v1.10CNB052025-06-05
CVE-2025-5630 [CRITICAL] CWE-119 CVE-2025-5630: A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. This vulnerab A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. This vulnerability affects unknown code of the file /goform/form2lansetup.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulner
cvelistv5nvd
CVE-2025-5620MEDIUMCVSS 6.9v1.10CNB052025-06-05
CVE-2025-5620 [MEDIUM] CWE-77 CVE-2025-5620: A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected i A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected is the function setipsec_config of the file /goform/setipsec_config. The manipulation of the argument localIP/remoteIP leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be use
cvelistv5nvd
CVE-2025-5621MEDIUMCVSS 6.9v1.10CNB052025-06-05
CVE-2025-5621 [MEDIUM] CWE-77 CVE-2025-5621: A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by t A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this vulnerability is the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public a
cvelistv5nvd
CVE-2025-1392MEDIUMCVSS 5.1v1.01TO2025-02-17
CVE-2025-1392 [MEDIUM] CWE-79 CVE-2025-1392: A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by t A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely. The exploit
cvelistv5nvd
CVE-2024-0717MEDIUMCVSS 5.3v202401122024-01-19
CVE-2024-0717 [MEDIUM] CWE-200 CVE-2024-0717: A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DI A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530,
cvelistv5nvd