CVE-2017-7398

D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an attacker to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option from WPA2 to None, or changing the hiddenSSID parameter, SSID parameter, or a security-option password.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:d-link:dir-615_firmware:20.09:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*

History

26 Apr 2023, 18:55

Type Values Removed Values Added
CPE cpe:2.3:h:d-link:dir-615:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*

Information

Published : 2017-04-04 14:59

Updated : 2024-02-04 19:11


NVD link : CVE-2017-7398

Mitre link : CVE-2017-7398

CVE.ORG link : CVE-2017-7398


JSON object : View

Products Affected

d-link

  • dir-615_firmware

dlink

  • dir-615
CWE
CWE-352

Cross-Site Request Forgery (CSRF)