Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20305 | 2 D-link, Dlink | 2 Dir-816 A2 Firmware, Dir-816 A2 | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may lead to a stack-based buffer overflow and overwrite a return address. | |||||
| CVE-2018-11013 | 2 D-link, Dlink | 2 Dir-816 A2 Firmware, Dir-816 A2 | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header. | |||||