HomePentest-Tools.com Logo

D-Link DIR-816L <= 2.06.B09 Multiple Vulnerabilities CVE-2020-15893CVE-2020-15894CVE-2020-15895

CVSSv3 Score
Vulnerability description

D-Link DIR-816L is prone to multiple vulnerabilities.

Risk description

The following vulnerabilities exist: - CVE-2020-15893: Command injection in the UPnP via a crafted M-SEARCH packet - CVE-2020-15894: Exposed administration function, allowing unauthorized access to the few sensitive information - CVE-2020-15895: Reflected XSS due to an unescaped value on the device configuration webpage


No solution was made available by the vendor. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. The vendor states: DIR-816L (EOS: 03/01/2016) have reached its End-of-Support (EOS) / End-of-Life (EOL) Date. As a general policy, when the product reaches EOS/EOL, it can no longer be supported, and all firmware development for the product ceases, except in certain unique situations.

Not available
Detectable with
Network Scanner
Scan engine
Exploitable with Sniper
CVE Published
Jul 22, 2020
Detection added at
Software Type
Not available
Not available
Not available