Dlink Dir-816l_firmware

15 CVEs affecting Dlink Dir-816l_firmware. Latest disclosed: 2025-11-15. Critical: 3, High: 6.

Top CVEs affecting Dlink Dir-816l_firmware
CVESeverityScorePublishedSummary
CVE-2025-13188Critical9.82025-11-14A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /authenticatio…
CVE-2022-28956Critical9.82022-05-18An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload.
CVE-2020-15893Critical9.82020-07-22An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can…
CVE-2025-13191High8.82025-11-15A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation causes s…
CVE-2025-13190High8.82025-11-15A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. This vulnerability affects the function scandir_main of the file /portal/__ajax_exporer.sgi. The ma…
CVE-2025-13189High8.82025-11-15A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument…
CVE-2022-28955High7.52022-05-18An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php.
CVE-2020-15894High7.52020-07-22An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used t…
CVE-2019-7642High7.52019-03-25D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and…
CVE-2025-46176Medium6.52025-05-23Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmwa…
CVE-2025-9727Medium6.32025-08-31A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgi_main of the file /soap.cgi. This manipulation of the a…
CVE-2025-7836Medium6.32025-07-19A vulnerability has been found in D-Link DIR-816L up to 2.06B01 and classified as critical. Affected by this vulnerability is the function lxmldbc_system of th…
CVE-2020-25786Medium6.12020-09-19webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects…
CVE-2020-15895Medium6.12020-07-22An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT…
CVE-2015-59992015-11-18Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DIR-816L Wireless Router with firmware before 2.06.B09_BETA allow remote attackers to…