An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in the bin/goahead file
The issue concerns the bin/goahead binary file, which is the device's embedded web server. The vulnerability is classified as command injection (CWE-77) — this means that input data passed to the system() function is not properly filtered or validated. An attacker can craft an appropriate network request containing a malicious payload that will be executed by the system shell with the privileges of the web server process.
An attacker gains the ability to remotely execute arbitrary code (RCE) on the device without any authentication, which may lead to complete takeover of the router, including violation of confidentiality, integrity, and availability of the device and the supported network.
Apply patches available from the manufacturer according to references (https://www.dlink.com/en/security-bulletin/). Until an update is released, it is recommended to restrict access to the device's administrative interface only to trusted hosts and block access from the public network (e.g., through a firewall or network configuration change).
D-Link DIR-816-A2 with firmware version DIR-816A2_FWv1.10CNB05_R1B011D88210
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDlink Dir 816
HWDlinka2Dlink Dir 816 Firmware
OSDlink1.10cnb05_r1b011d88210
Related vulnerabilities
Stack-based buffer overflow w D-Link DIR-816 — funkcja QoSPortSetup
D-Link DIR-816: Stack-based buffer overflow w /goform/form2lansetup.cgi
Stack-based buffer overflow w D-Link DIR-816 – funkcja qosClassifier
Stack-based buffer overflow w D-Link DIR-816 — zdalny atak bez uwierzytelnienia
D-Link DIR-816: nieautoryzowana zmiana konfiguracji DMZ przez formDMZ.cgi