Dir-816 a2
This hub aggregates every CVE we track for Dir-816 a2, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
43
CVEs tracked
22
Critical
3
High
0
In CISA KEV
Severity distribution
CRITICAL22MEDIUM18HIGH3
Monthly trend
0
0
0
0
0
0
16
0
0
1
1
1
0
0
0
1
1
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Dir-816 a2.
- CVE-2025-60679A stack buffer overflow vulnerability exists in the D-Link DIR-816A2 router firmware DIR-816A2_FWv1.10CNB05_R1B011D88210.img in the upload.cgi module, which handles firmware version information. Th...8.8
- CVE-2025-55200BigBlueButton vulnerable to Stored XSS via name of user at Shared Notes7.1
- CVE-2025-45931An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in the bin/goahead file9.8
- CVE-2025-44835D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which allows remote attackers to execute arbitrary commands via shell.6.3
- CVE-2025-29743D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting.6.5
- CVE-2024-57676An access control issue in the component form2WlanBasicSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G wlan service of the device via a c...6.5
- CVE-2024-57682An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST r...6.5
- CVE-2024-57677An access control issue in the component form2Wan.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request.6.5
- CVE-2024-57678An access control issue in the component form2WlAc.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G mac access control list of the device via a ...6.5
- CVE-2024-57683An access control issue in the component websURLFilterAddDel of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the filter settings of the device via a crafted POST r...4.3
- CVE-2024-57681An access control issue in the component form2alg.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the agl service of the device via a crafted POST request.5.3
- CVE-2024-57679An access control issue in the component form2RepeaterSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G repeater service of the device via ...6.5
- CVE-2024-57684An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request.9.8
- CVE-2024-57680An access control issue in the component form2PortriggerRule.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the port trigger of the device via a crafted POST ...5.3
- CVE-2024-13108D-Link DIR-816 A2 form2NetSniper.cgi access control5.3
Product normalization is registry-driven with AI assist and human review. How it works