Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-10431 | 2 D-link, Dlink | 2 Dir-615 Firmware, Dir-615 | 2024-02-04 | 6.5 MEDIUM | 7.2 HIGH |
D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen. | |||||
CVE-2017-9542 | 2 D-link, Dlink | 2 Dir-615 Firmware, Dir-615 | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device. | |||||
CVE-2017-7398 | 2 D-link, Dlink | 2 Dir-615 Firmware, Dir-615 | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an attacker to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option from WPA2 to None, or changing the hiddenSSID parameter, SSID parameter, or a security-option password. |