D-Link Dir-816 A2 Firmware vulnerabilities
2 known vulnerabilities affecting d-link/dir-816_a2_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2018-11013P2CRITICALCVSS 9.8v1.10b052018-05-13
CVE-2018-11013 [CRITICAL] CWE-787 CVE-2018-11013: Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) router
Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header.
nvd
CVE-2018-20305P2CRITICALCVSS 9.8v1.10b052018-12-20
CVE-2018-20305 [CRITICAL] CWE-787 CVE-2018-20305: D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via
D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may lead to a stack-based buffer overflow and overwrite a return address.
nvd