Dlink

Dir-615 Firmware

14 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2018-25115

Exploit
  • EPSS 0.52%
  • Veröffentlicht 27.08.2025 21:24:23
  • Zuletzt bearbeitet 24.09.2025 18:03:34

Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system comman...

8.8

CVE-2013-10050

Exploit
  • EPSS 0.35%
  • Veröffentlicht 01.08.2025 20:39:00
  • Zuletzt bearbeitet 23.09.2025 17:38:12

An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev A (v1.05) and DIR-615 rev D (v4.13)—via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in...

5.3

CVE-2024-0717

Exploit
  • EPSS 28.39%
  • Veröffentlicht 19.01.2024 16:15:11
  • Zuletzt bearbeitet 21.11.2024 08:47:12

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, D...

9.8

CVE-2021-42627

  • EPSS 49.71%
  • Veröffentlicht 23.08.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:27:52

The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of p...

6.5

CVE-2021-40654

Exploit
  • EPSS 0.83%
  • Veröffentlicht 24.09.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:24:31

An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page

9.8

CVE-2021-37388

Exploit
  • EPSS 3.43%
  • Veröffentlicht 06.08.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 06:15:03

A buffer overflow in D-Link DIR-615 C2 3.03WW. The ping_ipaddr parameter in ping_response.cgi POST request allows an attacker to crash the webserver and might even gain remote code execution.

8.8

CVE-2019-17525

Exploit
  • EPSS 13.06%
  • Veröffentlicht 21.04.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:32:26

The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks.

4.8

CVE-2019-19742

Exploit
  • EPSS 4.59%
  • Veröffentlicht 18.12.2019 13:15:11
  • Zuletzt bearbeitet 21.11.2024 04:35:17

On D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field.

8.2

CVE-2019-17353

  • EPSS 0.63%
  • Veröffentlicht 09.10.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:09

An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modif...

10

CVE-2019-16920

Warnung Exploit
  • EPSS 94.34%
  • Veröffentlicht 27.09.2019 12:15:10
  • Zuletzt bearbeitet 03.04.2025 19:51:22

Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common i...