A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/form2IPQoSTcAdd of the component IP QoS Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Conclusion & alert: CVE-2024-13106 is rated Moderate Risk (59.5/100): CVSS Medium severity, with high exploitation likelihood (EPSS 27.20%, 98th percentile). Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-25 | 29.50% | 27.20% | -2.30% |
| 2 | 2026-06-15 | 1.81% | 29.50% | +27.69% |
| 3 | 2026-03-11 | — | 1.81% | — |
Full EPSS history (14 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.9 | 4.0 | MEDIUM |
|
— | — | [email protected] |
| 5.3 | 3.1 | MEDIUM |
|
3.9 | 1.4 | [email protected] |
| 5.3 | 3.1 | MEDIUM |
|
3.9 | 1.4 | [email protected] |
| 5.0 | 2.0 | MEDIUM |
|
10.0 | 2.9 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| dlink | dir-816_firmware | 1.10cnb05_r1b011d88210 | cpe:2.3:o:dlink:dir-816_firmware:1.10cnb05_r1b011d88210:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2IPQoSTcAdd.md | Broken Link |
| https://vuldb.com/?ctiid.289922 | Permissions Required |
| https://vuldb.com/?id.289922 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.472086 | Third Party Advisory VDB Entry |
| https://www.dlink.com/ | Product |