Product:

Dir\-816_firmware

(Dlink)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 37
Date Id Summary Products Score Patch Annotated
2022-05-10 CVE-2022-29324 D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd. Dir\-816_firmware 9.8
2022-05-10 CVE-2022-29326 D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter. Dir\-816_firmware 9.8
2022-05-10 CVE-2022-29325 D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter. Dir\-816_firmware 9.8
2022-05-10 CVE-2022-29327 D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel. Dir\-816_firmware 9.8
2022-08-22 CVE-2022-37133 D-link DIR-816 A2_v1.10CNB04.img reboots the router without authentication via /goform/doReboot. No authentication is required, and reboot is executed when the function returns at the end. Dir\-816_firmware 7.5
2022-08-22 CVE-2022-37134 D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and the result will be stored in v94, which does not check the size of l2tp_usrname, resulting in stack overflow. Dir\-816_firmware 9.8
2022-08-31 CVE-2022-37128 In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end. Dir\-816_firmware 9.8
2022-08-31 CVE-2022-36620 D-link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img is vulnerable to Buffer Overflow via /goform/addRouting. Dir\-816_firmware 7.5
2022-08-31 CVE-2022-37125 D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost. Dir\-816_firmware 9.8
2022-08-31 CVE-2022-36619 In D-link DIR-816 A2_v1.10CNB04.img,the network can be reset without authentication via /goform/setMAC. Dir\-816_firmware 7.5