Dlink

Dir-816l Firmware

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-13191

Exploit
  • EPSS 0.07%
  • Veröffentlicht 15.11.2025 07:02:06
  • Zuletzt bearbeitet 19.11.2025 18:04:24

A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has...

9

CVE-2025-13190

Exploit
  • EPSS 0.04%
  • Veröffentlicht 15.11.2025 06:32:06
  • Zuletzt bearbeitet 20.11.2025 14:19:15

A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. This vulnerability affects the function scandir_main of the file /portal/__ajax_exporer.sgi. The manipulation of the argument en results in stack-based buffer overflow. The attack may be per...

9.8

CVE-2025-13189

Exploit
  • EPSS 0.07%
  • Veröffentlicht 15.11.2025 06:02:05
  • Zuletzt bearbeitet 20.11.2025 14:30:40

A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument SERVER_ID/HTTP_SID leads to stack-based buffer overflow. The attack is possible to be carri...

10

CVE-2025-13188

Exploit
  • EPSS 0.13%
  • Veröffentlicht 14.11.2025 22:32:06
  • Zuletzt bearbeitet 20.11.2025 14:34:12

A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overf...

9.8

CVE-2025-9727

Exploit
  • EPSS 0.11%
  • Veröffentlicht 31.08.2025 11:32:06
  • Zuletzt bearbeitet 01.10.2025 20:42:08

A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgi_main of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible....

8.8

CVE-2025-7836

Exploit
  • EPSS 0.06%
  • Veröffentlicht 19.07.2025 16:44:06
  • Zuletzt bearbeitet 03.10.2025 18:38:18

A vulnerability has been found in D-Link DIR-816L up to 2.06B01 and classified as critical. Affected by this vulnerability is the function lxmldbc_system of the file /htdocs/cgibin of the component Environment Variable Handler. The manipulation leads...

6.5

CVE-2025-46176

  • EPSS 0.04%
  • Veröffentlicht 23.05.2025 00:00:00
  • Zuletzt bearbeitet 03.06.2025 15:47:26

Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis.

7.5

CVE-2022-28955

Exploit
  • EPSS 91.78%
  • Veröffentlicht 18.05.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:58:14

An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php.

9.8

CVE-2022-28956

Exploit
  • EPSS 40.91%
  • Veröffentlicht 18.05.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:58:14

An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload.

6.1

CVE-2020-25786

Exploit
  • EPSS 0.68%
  • Veröffentlicht 19.09.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:18:46

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploi...