Skip to main content

Dir 816 EUVDEUVD-2026-12238

| CVE-2026-4183 CRITICAL
Stack-based Buffer Overflow (CWE-121)
2026-03-15 VulDB
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
PoC Detected
Mar 16, 2026 - 14:53 vuln.today
Public exploit code
EUVD ID Assigned
Mar 15, 2026 - 17:00 euvd
EUVD-2026-12238
Analysis Generated
Mar 15, 2026 - 17:00 vuln.today
CVE Published
Mar 15, 2026 - 16:32 nvd
CRITICAL 9.8

DescriptionCVE.org

A security vulnerability has been detected in D-Link DIR-816 1.10CNB05. Affected is an unknown function of the file /goform/form2WlanBasicSetup.cgi of the component goahead. Such manipulation of the argument pskValue leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

AnalysisAI

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 router firmware version 1.10CNB05, affecting the wireless configuration interface (/goform/form2WlanBasicSetup.cgi). A publicly available proof-of-concept exploit exists, allowing remote attackers without authentication to achieve complete system compromise. The vulnerability affects end-of-life products no longer supported by D-Link, making patches unlikely.

Technical ContextAI

The vulnerability resides in the GoAhead embedded web server component, specifically in the form2WlanBasicSetup.cgi file that handles wireless network configuration. The flaw is a classic stack-based buffer overflow (CWE-121) where the pskValue parameter (likely the WPA/WPA2 pre-shared key field) is not properly bounds-checked before being copied to a fixed-size stack buffer. Based on the CPE string (cpe:2.3:a:d-link:dir-816:*:*:*:*:*:*:*:*), all versions of the DIR-816 router may be affected, though only version 1.10CNB05 is confirmed vulnerable.

RemediationAI

No patches are available as D-Link has discontinued support for the DIR-816 router series. The only effective remediation is to replace affected devices with currently supported router models. As an interim mitigation, administrators should: 1) Disable remote management features if enabled, 2) Restrict access to the web management interface to trusted IP addresses only via firewall rules, 3) Monitor for suspicious access to /goform/form2WlanBasicSetup.cgi in web server logs. Given the end-of-life status, immediate replacement is strongly recommended.

Share

EUVD-2026-12238 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy