CVE-2026-4182

EUVD-2026-12235

16.03.2026, 14:19

A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of the file /goform/form2Wl5RepeaterStep2.cgi of the component goahead. This manipulation of the argument key1/key2/key3/key4/pskValue causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 50%

Affected Products (NVD)

Vendor	Product	Version
dlink	dir-816_firmware	1.10cnb05:cnb05

𝑥

= Vulnerable software versions

Known Exploits!

https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_86/86.md

Common Weakness Enumeration

References

https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_86/86.md

https://vuldb.com/?ctiid.351086

https://vuldb.com/?id.351086

https://vuldb.com/?submit.769830

https://www.dlink.com/