Dir-816 a2 firmware
This hub aggregates every CVE we track for Dir-816 a2 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
15
CVEs tracked
13
Critical
0
High
0
In CISA KEV
Severity distribution
CRITICAL13MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Dir-816 a2 firmware.
- CVE-2025-44835D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which allows remote attackers to execute arbitrary commands via shell.6.3
- CVE-2024-0921D-Link DIR-816 A2 Web Interface setDeviceSettings os command injection4.7
- CVE-2023-43240D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter sip_address in ipportFilter.9.8
- CVE-2023-43239D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC.9.8
- CVE-2023-43238D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi.9.8
- CVE-2023-43237D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in setMAC.9.8
- CVE-2023-43236D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi.9.8
- CVE-2018-20305D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may l...9.8
- CVE-2018-17068An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/Diagnosis route. This could le...9.8
- CVE-2018-17067An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address.9.8
- CVE-2018-17066An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This c...9.8
- CVE-2018-17065An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite ...9.8
- CVE-2018-17064An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This cou...9.8
- CVE-2018-17063An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/NTPSyncWithHost route. Thi...9.8
- CVE-2018-11013Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code...9.8
Product normalization is registry-driven with AI assist and human review. How it works