D-Link DIR-816 Access Control Vulnerability in form2WlanBasicSetup.cgi Allowing Unauthenticated WLAN Service Modification

Vulnerability

An access control vulnerability has been identified in the D-Link DIR-816 router, firmware version 816A2_FWv1.10CNB05_R1B011D88210. The issue allows unauthenticated attackers to manipulate the device's 2.4G and 5G WLAN services by sending a crafted POST request to the form2WlanBasicSetup.cgi component.

Impact

Exploitation of this vulnerability allows unauthorized modification of the device's WLAN settings, potentially disrupting network connectivity or enabling unauthorized access to the network.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 0.6
exploitability: 7.8
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.