Dir-816l
This hub aggregates every CVE we track for Dir-816l, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
11
CVEs tracked
3
Critical
5
High
0
In CISA KEV
Severity distribution
HIGH5MEDIUM3CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
1
0
1
1
0
0
4
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 11 most recently published vulnerabilities affecting Dir-816l.
- CVE-2025-13191D-Link DIR-816L soap.cgi soapcgi_main stack-based overflow8.8
- CVE-2025-13190D-Link DIR-816L __ajax_exporer.sgi scandir_main stack-based overflow8.8
- CVE-2025-13189D-Link DIR-816L gena.cgi genacgi_main stack-based overflow8.8
- CVE-2025-13188D-Link DIR-816L authentication.cgi authenticationcgi_main stack-based overflow9.8
- CVE-2025-9727D-Link DIR-816L soap.cgi soapcgi_main os command injection6.3
- CVE-2025-7836D-Link DIR-816L Environment Variable cgibin lxmldbc_system command injection6.3
- CVE-2025-46176Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis.6.5
- CVE-2022-28956An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload.9.8
- CVE-2022-28955An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php.7.5
- CVE-2020-15893An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injectin...9.8
- CVE-2019-7642D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets includ...7.5
Product normalization is registry-driven with AI assist and human review. How it works