CVE-2026-4180
Awaiting Analysis Awaiting Analysis - Queue
Improper Access Control in D-Link DIR-816 goahead Redirect.asp

Publication date: 2026-03-16

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument token_id leads to improper access controls. The attack may be initiated remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-03-16
EPSS Evaluated
2026-06-15
NVD
CVE-2026-4180
EUVD
EUVD-2026-12231
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
dlink dir-816_firmware 1.10cnb05
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

There are no known countermeasures or mitigations available for this vulnerability as the affected product is no longer supported by the vendor, D-Link.

The recommended immediate step is to replace the affected D-Link DIR-816 router model with an alternative, supported product to eliminate the risk.

Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-4180 is a critical access control vulnerability in the D-Link DIR-816 router, version 1.10CNB05, specifically in the goahead web server component's file redirect.asp. The vulnerability arises from improper handling of the token_id argument, allowing unauthorized remote attackers to bypass access controls without any authentication."}, {'type': 'paragraph', 'content': 'An attacker can access the redirect.asp page without authentication, which discloses the token_id used by the router for authentication. By obtaining this token_id, the attacker can bypass all authentication controls and potentially modify critical router settings, such as resetting the Wi-Fi password, leading to a complete compromise of the device’s wireless security.'}] [1, 2, 3]

Impact Analysis

This vulnerability can lead to unauthorized remote access to the affected router without any authentication, allowing attackers to bypass access controls.

  • Attackers can obtain the authentication token (token_id) and use it to gain full control over the device.
  • Unauthorized modification of critical router configurations, including resetting the Wi-Fi password.
  • Compromise of the confidentiality, integrity, and availability of the device.

Since the affected product is no longer supported by the vendor, no known mitigations exist, making replacement of the device the recommended action.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking for the presence of the vulnerable redirect.asp page on the D-Link DIR-816 router version 1.10CNB05. Attackers can identify vulnerable targets using Google dorking techniques such as searching for "inurl:redirect.asp".'}, {'type': 'paragraph', 'content': 'To detect this on your network or system, you can attempt to access the redirect.asp page without authentication and observe if the token_id argument is exposed or accessible.'}, {'type': 'list_item', 'content': 'Use a web browser or curl command to access the URL: http://[router_ip]/redirect.asp'}, {'type': 'list_item', 'content': 'Example curl command: curl -v http://[router_ip]/redirect.asp'}, {'type': 'list_item', 'content': 'Look for the presence of a token_id parameter in the response or URL, which indicates the vulnerability.'}] [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4180. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart