Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dir\-816_firmware
(Dlink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 37 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-01-19 | CVE-2024-0717 | A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W,... | Dap\-1360_firmware, Dir\-1210_firmware, Dir\-1260_firmware, Dir\-2150_firmware, Dir\-300_firmware, Dir\-615_firmware, Dir\-615gf_firmware, Dir\-615s_firmware, Dir\-615t_firmware, Dir\-620_firmware, Dir\-620s_firmware, Dir\-806a_firmware, Dir\-815\/ac_firmware, Dir\-815_firmware, Dir\-815s_firmware, Dir\-816_firmware, Dir\-820_firmware, Dir\-822_firmware, Dir\-825_firmware, Dir\-825ac_firmware, Dir\-825acf_firmware, Dir\-825acg1_firmware, Dir\-841_firmware, Dir\-842_firmware, Dir\-842s_firmware, Dir\-843_firmware, Dir\-853_firmware, Dir\-878_firmware, Dir\-882_firmware, Dir\-X1530_firmware, Dir\-X1860_firmware, Dsl\-224_firmware, Dsl\-245gr_firmware, Dsl\-2640u_firmware, Dsl\-2750u_firmware, Dsl\-G2452gr_firmware, Dvg\-5402g\/gfru_firmware, Dvg\-5402g_firmware, Dvg\-N5402g\/il_firmware, Dvg\-N5402g_firmware, Dwm\-312w_firmware, Dwm\-321_firmware, Dwr\-921_firmware, Dwr\-953_firmware | 5.3 | ||
| 2024-02-08 | CVE-2024-24321 | An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function. | Dir\-816_firmware | 9.8 | ||
| 2019-03-25 | CVE-2019-7642 | D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10). | Dir\-816_firmware, Dir\-816l_firmware, Dir\-817lw_firmware, Dir\-850l_firmware, Dir\-868l_firmware | 7.5 | ||
| 2019-03-25 | CVE-2019-10042 | The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/LoadDefaultSettings to reset the router without authentication. | Dir\-816_firmware | 7.5 | ||
| 2019-03-25 | CVE-2019-10041 | The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/form2userconfig.cgi to edit the system account without authentication. | Dir\-816_firmware | 9.8 | ||
| 2019-03-25 | CVE-2019-10040 | The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use a hidden API URL /goform/SystemCommand to execute a system command without authentication. | Dir\-816_firmware | 9.8 | ||
| 2019-03-25 | CVE-2019-10039 | The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/setSysAdm to edit the web or system account without authentication. | Dir\-816_firmware | 9.8 |