Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
A security vulnerability has been detected in D-Link DIR-816 1.10CNB05. Affected is an unknown function of the file /goform/form2WlanBasicSetup.cgi of the component goahead. Such manipulation of the argument pskValue leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
AnalysisAI
Critical stack-based buffer overflow vulnerability in D-Link DIR-816 router firmware version 1.10CNB05, affecting the wireless configuration interface (/goform/form2WlanBasicSetup.cgi). A publicly available proof-of-concept exploit exists, allowing remote attackers without authentication to achieve complete system compromise. The vulnerability affects end-of-life products no longer supported by D-Link, making patches unlikely.
Technical ContextAI
The vulnerability resides in the GoAhead embedded web server component, specifically in the form2WlanBasicSetup.cgi file that handles wireless network configuration. The flaw is a classic stack-based buffer overflow (CWE-121) where the pskValue parameter (likely the WPA/WPA2 pre-shared key field) is not properly bounds-checked before being copied to a fixed-size stack buffer. Based on the CPE string (cpe:2.3:a:d-link:dir-816:*:*:*:*:*:*:*:*), all versions of the DIR-816 router may be affected, though only version 1.10CNB05 is confirmed vulnerable.
RemediationAI
No patches are available as D-Link has discontinued support for the DIR-816 router series. The only effective remediation is to replace affected devices with currently supported router models. As an interim mitigation, administrators should: 1) Disable remote management features if enabled, 2) Restrict access to the web management interface to trusted IP addresses only via firewall rules, 3) Monitor for suspicious access to /goform/form2WlanBasicSetup.cgi in web server logs. Given the end-of-life status, immediate replacement is strongly recommended.
Critical stack-based buffer overflow vulnerability in the D-Link DIR-816 router (version 1.10CNB05) that allows remote a
Critical stack-based buffer overflow vulnerability in the D-Link DIR-816 router (version 1.10CNB05) that allows remote a
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-12238