D-Link DIR-816 1.10CNB05 Improper Access via redirect.asp
CVE-2026-4180 Published on March 15, 2026

D-Link DIR-816 goahead redirect.asp access control
A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument token_id leads to improper access controls. The attack may be initiated remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.

NVD

Timeline

2026-03-14

Advisory disclosed

2026-03-14

VulDB entry created

2026-03-14

VulDB entry last update

Weakness Types

What is an Authorization Vulnerability?

The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CVE-2026-4180 has been classified to as an Authorization vulnerability or weakness.

Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Affected Versions

D-Link DIR-816 Version 1.10CNB05 is affected by CVE-2026-4180

D-Link DIR-816 1.10CNB05 Improper Access via redirect.aspCVE-2026-4180 Published on March 15, 2026

Timeline

Weakness Types

What is an Authorization Vulnerability?

Incorrect Privilege Assignment

Affected Versions

D-Link DIR-816 1.10CNB05 Improper Access via redirect.asp
CVE-2026-4180 Published on March 15, 2026