Vulnerabilities > Dlink > DIR 816 Firmware > 1.10cnb04

DATE CVE VULNERABILITY TITLE RISK
2024-01-19 CVE-2024-0717 Unspecified vulnerability in Dlink products
A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 up to 20240112.
network
low complexity
dlink
5.3
5.3
2022-08-31 CVE-2022-36619 Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
In D-link DIR-816 A2_v1.10CNB04.img,the network can be reset without authentication via /goform/setMAC.
network
low complexity
dlink CWE-306
7.5
7.5
2022-08-31 CVE-2022-37123 OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/form2userconfig.cgi.
network
low complexity
dlink CWE-78
8.8
8.8
2022-08-31 CVE-2022-37129 OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Command Injection via /goform/SystemCommand.
network
low complexity
dlink CWE-78
8.8
8.8
2022-08-31 CVE-2022-37130 OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2022-08-31 CVE-2022-37125 Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-08-31 CVE-2022-36620 Improper Validation of Specified Quantity in Input vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img is vulnerable to Buffer Overflow via /goform/addRouting.
network
low complexity
dlink CWE-1284
7.5
7.5
2022-08-31 CVE-2022-37128 Improper Initialization vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end.
network
low complexity
dlink CWE-665
critical
 9.8
9.8
2022-08-22 CVE-2022-37133 Improper Resource Shutdown or Release vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-link DIR-816 A2_v1.10CNB04.img reboots the router without authentication via /goform/doReboot.
network
low complexity
dlink CWE-404
7.5
7.5
2022-08-22 CVE-2022-37134 Improper Validation of Specified Quantity in Input vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi.
network
low complexity
dlink CWE-1284
critical
 9.8
9.8