Unauthenticated Reboot Vulnerability in D-link DIR-816 Router

Unauthenticated Reboot Vulnerability in D-link DIR-816 Router

CVE-2022-37133 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

D-link DIR-816 A2_v1.10CNB04.img reboots the router without authentication via /goform/doReboot. No authentication is required, and reboot is executed when the function returns at the end.

Learn more about our Web Application Penetration Testing UK.