d-link DIR-816 Security Vulnerabilities

4 Vulnerabilities
Description

An issue was discovered in D-Link DIR-816 DIR-816A2_FWv1.10CNB05_R1B011D88210 750m11ac wireless router via the HTTP request parameter in the handler function of /goform/form2userconfig.cgi route, which can construct the user name string to delete the user function.

Impacted versions: -

Base Score: 0.0, Severity: NA, ID: CVE-2021-39509, Last Modified: 2021-08-24T19:15:00Z

References

Advisory

Modemly Security Checklist

D-Link-DIR-816-router-setup

An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/addassignment route, a very long text entry for the"'s_ip" and "s_mac" fields could lead to a Stack-Based Buffer Overflow and overwrite the return address.

Impacted versions: -

Base Score: 0.0, Severity: NA, ID: CVE-2021-27114, Last Modified: 2021-04-14T14:58:00Z

References

Advisory

Modemly Security Checklist

D-Link-DIR-816-router-setup

An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/addRouting route. This could lead to Command Injection via Shell Metacharacters.

Impacted versions: -

Base Score: 0.0, Severity: NA, ID: CVE-2021-27113, Last Modified: 2021-04-14T14:58:00Z

References

Advisory

Modemly Security Checklist

D-Link-DIR-816-router-setup

D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request parameter can be used in command string construction in the handler function of the /goform/dir_setWanWifi, which can lead to command injection via shell metacharacters in the statuscheckpppoeuser parameter.

Impacted versions: -

Base Score: 0.0, Severity: NA, ID: CVE-2021-26810, Last Modified: 2021-03-30T15:16:00Z

References

Advisory

Modemly Security Checklist

D-Link-DIR-816-router-setup
Free Home-Networking Courses, tutorials and security checklists

USAGE: Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.