VDB

CVE-2016-5681

CVE-2016-5681 PUBLISHED CVSS 9.800000190734863 CRITICAL

Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie.

EPSS 35.33% · 97.1th percentile

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
35.33%
97.1th percentile

Affected Products

VendorProductVersions
d-linkdir-817l\(w\)_firmware0
d-linkdir-850l_firmare0
d-linkdir-818l\(w\)_firmware0
n/an/an/a
d-linkdir-890l_firmware0
d-linkdir-880l_firmware0
d-linkdir-823_firmware0
d-linkdir-895l_firmware0
d-linkdir-885l_firmware0
dlinkdir-868l_firmware0, 0
dlinkdir-822_firmware3.01

Timeline

  • Aug 11, 2016 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 3, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jun 27, 2023 EPSS Score
  • Sep 7, 2023 EPSS Score
  • Oct 29, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›