Vulnerabilities > Dlink > DIR 816 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-05-10 CVE-2022-29322 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-05-10 CVE-2022-29323 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-05-10 CVE-2022-29324 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-05-10 CVE-2022-29325 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-05-10 CVE-2022-29326 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-05-10 CVE-2022-29327 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10Cnb04
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-03-24 CVE-2021-31326 Improper Authentication vulnerability in Dlink Dir-816 Firmware 1.10Cnb05
D-Link DIR-816 A2 1.10 B05 allows unauthenticated attackers to arbitrarily reset the device via a crafted tokenid parameter to /goform/form2Reboot.cgi.
network
low complexity
dlink CWE-287
critical
 9.8
9.8
2021-08-24 CVE-2021-39509 Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb05R1B011D88210
An issue was discovered in D-Link DIR-816 DIR-816A2_FWv1.10CNB05_R1B011D88210 The HTTP request parameter is used in the handler function of /goform/form2userconfig.cgi route, which can construct the user name string to delete the user function.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2021-08-24 CVE-2021-39510 Command Injection vulnerability in Dlink Dir-816 Firmware 101Cnb04
An issue was discovered in D-Link DIR816_A1_FW101CNB04 750m11ac wireless router, The HTTP request parameter is used in the handler function of /goform/form2userconfig.cgi route, which can construct the user name string to delete the user function.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2021-04-14 CVE-2021-27114 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10B05
An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices.
network
low complexity
dlink CWE-787
critical
 9.8
9.8