CVE-2023-39637

CRITICAL

D-Link DIR-816 A2 1.10 B05 - OS Command Injection via Diagnosis Component

Title source: llm

D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis.

Core 4

Core References

Broken Link

Product

Third Party Advisory

Vendor Advisory

CVSS v3 9.8

EPSS 0.0096

EPSS Percentile 76.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

CWE

CWE-77

Status published

Products (1)

dlink/dir-816_firmware 1.10b05

Published Sep 12, 2023

Tracked Since Feb 18, 2026