CVE-2026-4181 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: March 16, 2026
D-Link DIR-816 - Buffer Overflow
Overview
D-Link DIR-816 1.10CNB05 contains a stack-based buffer overflow caused by manipulation of key1/key2/key3/key4/pskValue arguments in /goform/form2RepeaterStep2.cgi component goahead, letting remote attackers execute code, exploit requires crafted request.
Severity & Score
Impact
Remote attackers can execute arbitrary code, potentially leading to full system compromise.
Mitigation
Update to the latest supported version or replace unsupported product.
References
Social Media Activity(2 posts)
š“ CVE-2026-4181 - Critical (9.8) A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-b... š https://www.thehackerwire.com/vulnerability/CVE-2026-4181/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postš“ CVE-2026-4181 - Critical (9.8) A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-b... š https://www.thehackerwire.com/vulnerability/CVE-2026-4181/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-4181
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- buffer_overflow
- Status
- unconfirmed
- EPSS
- 6.1%
- Social Posts
- 2
CWE
- CWE-119
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H