CVE-2026-4181 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: March 16, 2026
D-Link DIR-816 - Buffer Overflow
Published: March 16, 2026Updated: March 16, 2026Remote Exploitable
Overview
D-Link DIR-816 1.10CNB05 contains a stack-based buffer overflow caused by manipulation of the arguments key1/key2/key3/key4/pskValue in /goform/form2RepeaterStep2.cgi component goahead, letting remote attackers execute arbitrary code, exploit requires no special privileges.
Severity & Score
Severity: Critical
CVSS Score: 9.8
Impact
Remote attackers can execute arbitrary code, potentially leading to full system compromise.
Mitigation
Update to the latest supported version or replace unsupported product.
References
Related Resources
Details
- CVE ID
- CVE-2026-4181
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- buffer_overflow
- Status
- unconfirmed
CWE
- CWE-119
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H