Description
A vulnerability was detected in D-Link DIR-816 1.10CNB05_R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ip_address results in command injection. The attack can be initiated remotely. The exploit is now public and may be used.
Published: 2026-05-11
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The CVE describes a command injection flaw in the portForward function of the D-Link DIR-816 firmware 1.10CNB05_R1B011D88210. The flaw is caused by insufficient sanitization of the ip_address argument, which allows an attacker to inject arbitrary system commands. This vulnerability falls under CWE‑74 and CWE‑77. A remote attacker could exploit this by sending a crafted request to the web interface to cause the device to execute unintended commands.

Affected Systems

D-Link DIR-816 firmware version 1.10CNB05_R1B011D88210 is specifically affected. Any devices running that firmware build are at risk until updated.

Risk and Exploitability

The CVSS score of 5.3 places this issue in the medium severity range, and no EPSS score is provided, suggesting limited publicly known exploitation data. The vulnerability is not listed in the CISA KEV catalog. Attackers can leverage the publicly available exploit, with the attack vector being remote—any external user can send a crafted request to the web interface to trigger command execution.

Generated by OpenCVE AI on May 12, 2026 at 01:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the DIR-816 firmware to the latest release that removes the vulnerable portForward handler.
  • If a firmware update is not immediately available, block or disable the web management interface via firewall rules to prevent remote access.
  • Consider disabling the port forwarding feature altogether or limiting its use to trusted IP ranges.

Generated by OpenCVE AI on May 12, 2026 at 01:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dir-816
Dlink dir-816 Firmware
CPEs cpe:2.3:h:dlink:dir-816:a2:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-816_firmware:1.10cnb05_r1b011d88210:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dir-816
Dlink dir-816 Firmware

Tue, 12 May 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 12 May 2026 00:30:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link dir-816
Vendors & Products D-link
D-link dir-816

Mon, 11 May 2026 23:30:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in D-Link DIR-816 1.10CNB05_R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ip_address results in command injection. The attack can be initiated remotely. The exploit is now public and may be used.
Title D-Link DIR-816 portForward command injection
Weaknesses CWE-74
CWE-77
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

D-link Dir-816
Dlink Dir-816 Dir-816 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-12T13:18:35.014Z

Reserved: 2026-05-11T16:24:24.012Z

Link: CVE-2026-8346

cve-icon Vulnrichment

Updated: 2026-05-12T13:18:31.681Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-12T00:17:03.433

Modified: 2026-05-12T19:55:06.467

Link: CVE-2026-8346

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T01:30:04Z

Weaknesses