Dlink Dir-816l
15 CVEs affecting Dlink Dir-816l. Latest disclosed: 2025-11-15. Critical: 3, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-13188 | Critical | 9.8 | 2025-11-14 | A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /authenticatio… |
CVE-2022-28956 | Critical | 9.8 | 2022-05-18 | An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload. |
CVE-2020-15893 | Critical | 9.8 | 2020-07-22 | An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can… |
CVE-2025-13191 | High | 8.8 | 2025-11-15 | A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation causes s… |
CVE-2025-13190 | High | 8.8 | 2025-11-15 | A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. This vulnerability affects the function scandir_main of the file /portal/__ajax_exporer.sgi. The ma… |
CVE-2025-13189 | High | 8.8 | 2025-11-15 | A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument… |
CVE-2022-28955 | High | 7.5 | 2022-05-18 | An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php. |
CVE-2020-15894 | High | 7.5 | 2020-07-22 | An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used t… |
CVE-2019-7642 | High | 7.5 | 2019-03-25 | D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and… |
CVE-2025-46176 | Medium | 6.5 | 2025-05-23 | Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmwa… |
CVE-2025-9727 | Medium | 6.3 | 2025-08-31 | A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgi_main of the file /soap.cgi. This manipulation of the a… |
CVE-2025-7836 | Medium | 6.3 | 2025-07-19 | A vulnerability has been found in D-Link DIR-816L up to 2.06B01 and classified as critical. Affected by this vulnerability is the function lxmldbc_system of th… |
CVE-2020-25786 | Medium | 6.1 | 2020-09-19 | webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects… |
CVE-2020-15895 | Medium | 6.1 | 2020-07-22 | An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT… |
CVE-2015-5999 | | 2015-11-18 | Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DIR-816L Wireless Router with firmware before 2.06.B09_BETA allow remote attackers to… |