Dlink

Dir-816 Firmware

63 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-57677

  • EPSS 0.08%
  • Veröffentlicht 16.01.2025 19:15:29
  • Zuletzt bearbeitet 02.05.2025 19:31:40

An access control issue in the component form2Wan.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request.

6.5

CVE-2024-57679

  • EPSS 0.07%
  • Veröffentlicht 16.01.2025 19:15:29
  • Zuletzt bearbeitet 02.05.2025 19:31:44

An access control issue in the component form2RepeaterSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G repeater service of the device via a crafted POST request.

5.3

CVE-2024-57680

  • EPSS 0.07%
  • Veröffentlicht 16.01.2025 19:15:29
  • Zuletzt bearbeitet 02.05.2025 19:31:46

An access control issue in the component form2PortriggerRule.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the port trigger of the device via a crafted POST request.

6.5

CVE-2024-57682

  • EPSS 0.07%
  • Veröffentlicht 16.01.2025 19:15:29
  • Zuletzt bearbeitet 02.05.2025 19:31:51

An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST request.

4.3

CVE-2024-57683

  • EPSS 0.07%
  • Veröffentlicht 16.01.2025 19:15:29
  • Zuletzt bearbeitet 02.05.2025 19:31:52

An access control issue in the component websURLFilterAddDel of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the filter settings of the device via a crafted POST request.

5.3

CVE-2024-57681

  • EPSS 0.07%
  • Veröffentlicht 16.01.2025 19:15:29
  • Zuletzt bearbeitet 02.05.2025 19:31:48

An access control issue in the component form2alg.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the agl service of the device via a crafted POST request.

9.8

CVE-2024-57684

  • EPSS 0.26%
  • Veröffentlicht 16.01.2025 19:15:29
  • Zuletzt bearbeitet 02.05.2025 19:31:55

An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request.

6.5

CVE-2024-57676

  • EPSS 0.08%
  • Veröffentlicht 16.01.2025 19:15:28
  • Zuletzt bearbeitet 02.05.2025 19:31:38

An access control issue in the component form2WlanBasicSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G wlan service of the device via a crafted POST request.

5.3

CVE-2024-13108

  • EPSS 0.09%
  • Veröffentlicht 02.01.2025 13:15:06
  • Zuletzt bearbeitet 02.05.2025 17:56:14

A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. This vulnerability affects unknown code of the file /goform/form2NetSniper.cgi. The manipulation leads to improper access controls. The attack ca...

5.3

CVE-2024-13107

  • EPSS 0.09%
  • Veröffentlicht 02.01.2025 12:15:17
  • Zuletzt bearbeitet 02.05.2025 17:56:16

A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been classified as critical. This affects an unknown part of the file /goform/form2LocalAclEditcfg.cgi of the component ACL Handler. The manipulation leads to improper acce...