Dir 816 Firmware
CVE-2024-57682
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST request.
AnalysisAI
An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Missing Authorization (CWE-862), which allows attackers to access resources or perform actions without proper authorization checks. An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST request. Affected products include: Dlink Dir-816 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement role-based access control, validate authorization on every request server-side, apply principle of least privilege.
More in Dir 816 Firmware
View allAn issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 pa
An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via sy
Critical stack-based buffer overflow vulnerability in D-Link DIR-816 1.10CNB05 affecting the qosClassifier function's di
Critical stack-based buffer overflow vulnerability in D-Link DIR-816 firmware version 1.10CNB05 affecting the /goform/fo
Critical stack-based buffer overflow vulnerability in D-Link DIR-816 firmware version 1.10CNB05 affecting the QoSPortSet
Critical stack-based buffer overflow vulnerability in D-Link DIR-816 wireless router (version 1.10CNB05) affecting the 5
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecur
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep54_pskpwd parameter at /goform/f
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity func
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/fo
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd
In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagn
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today