CVE-2015-5999

D-Link DIR-816L <2.06.B09_BETA - CSRF

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-5999. PoCs published by Bhadresh Patel.

AI-analyzed exploit summary This is a working CSRF PoC for CVE-2015-5999 affecting D-Link DIR-816L routers. It exploits a lack of CSRF protection to change the admin password via a malicious HTML page.

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DIR-816L Wireless Router with firmware before 2.06.B09_BETA allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) change the network policy, or (3) possibly have other unspecified impact via crafted requests to hedwig.cgi and pigwidgeon.cgi.

Exploits (1)

exploitdb WORKING POC
by Bhadresh Patel · textwebappshardware
https://www.exploit-db.com/exploits/38707

This is a working CSRF PoC for CVE-2015-5999 affecting D-Link DIR-816L routers. It exploits a lack of CSRF protection to change the admin password via a malicious HTML page.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: D-Link DIR-816L <=2.06.B01
Auth required
Prerequisites: Victim must be authenticated to the router · Victim must visit the malicious page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Nov/45
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/536886/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/77588
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/38707/

Scores

EPSS 0.0321
EPSS Percentile 86.5%

Details

CWE
CWE-352
Status published
Products (1)
dlink/dir-816l_firmware < 2.05.b02
Published Nov 18, 2015
Tracked Since Feb 18, 2026