CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2024-24321
https://notcve.org/view.php?id=CVE-2024-24321
08 Feb 2024 — An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function. Un problema en Dlink DIR-816A2 v.1.10CNB05 permite a un atacante remoto ejecutar código arbitrario a través del parámetro Wizardstep4_ssid_2 en la función sub_42DA54. • http://dir-816a2.com • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0921 – D-Link DIR-816 A2 Web Interface setDeviceSettings os command injection
https://notcve.org/view.php?id=CVE-2024-0921
26 Jan 2024 — A vulnerability has been found in D-Link DIR-816 A2 1.10CNB04 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setDeviceSettings of the component Web Interface. The manipulation of the argument statuscheckpppoeuser leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/xiyuanhuaigu/cve/blob/main/rce.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 88EXPL: 1CVE-2024-0717 – D-Link Good Line Router v2 HTTP GET Request devinfo information disclosure
https://notcve.org/view.php?id=CVE-2024-0717
19 Jan 2024 — A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, D... • https://github.com/999zzzzz/D-Link • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43238
https://notcve.org/view.php?id=CVE-2023-43238
21 Sep 2023 — D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi. Se descubrió que D-Link DIR-816 A2 v1.10CNB05 contenía un Desbordamiento del Búfer mediante el parámetro nvmacaddr en form2Dhcpip.cgi. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/form2Dhcpip_cgi/1.md • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43239
https://notcve.org/view.php?id=CVE-2023-43239
21 Sep 2023 — D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC. Se descubrió que D-Link DIR-816 A2 v1.10CNB05 contenía un Desbordamiento del Búfer a través del parámetro flag_5G en showMACfilterMAC. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/showMACfilterMAC/1.md • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43237
https://notcve.org/view.php?id=CVE-2023-43237
21 Sep 2023 — D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in setMAC. Se descubrió que D-Link DIR-816 A2 v1.10CNB05 contenía un Desbordamiento del Búfer mediante el parámetro macCloneMac en setMAC. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/setMAC/1.md • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43236
https://notcve.org/view.php?id=CVE-2023-43236
21 Sep 2023 — D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi. Se descubrió que D-Link DIR-816 A2 v1.10CNB05 contenía un Desbordamiento del Búfer a través del parámetro statuscheckpppoeuser en dir_setWanWifi. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/dir_setWanWifi/1.md • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43240
https://notcve.org/view.php?id=CVE-2023-43240
21 Sep 2023 — D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter sip_address in ipportFilter. Se descubrió que D-Link DIR-816 A2 v1.10CNB05 contenía un Desbordamiento del Búfer a través del parámetro sip_address en ipportFilter. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/ipportFilter/1.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-39637
https://notcve.org/view.php?id=CVE-2023-39637
12 Sep 2023 — D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis. Se descubrió que D-Link DIR-816 A2 1.10 B05 contiene una vulnerabilidad de inyección de comandos a través del componente /goform/Diagnosis. • http://d-link.com • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-43000
https://notcve.org/view.php?id=CVE-2022-43000
26 Oct 2022 — D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/form2WizardStep4. Se ha detectado que D-Link DIR-816 A2 versión 1.10 B05, contiene un desbordamiento de pila por medio del parámetro wizardstep4_pskpwd en /goform/form2WizardStep4 • https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/form2WizardStep4 • CWE-787: Out-of-bounds Write •