EUVD-2025-200290

A vulnerability has been found in D-Link R15 AX1500 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd...

CVE-2025-60854

A vulnerability has been found in D-Link R15 AX1500 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd...

CVE-2025-60854

A vulnerability has been found in D-Link R15 AX1500 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd...

CVE-2025-60854

CVE-2025-60854 affects D-Link R15 (AX1500) prior to 1.20.02. The vulnerability allows command injection in httpd by manipulating the model name parameter during a password change on the web administrator page. The CVSS v3.1 base score is 9.8 (CRITICAL) with network attack vector, no user interact...

D-Link R15 安全漏洞

D-Link R15 is a wireless router from China AUO D-Link. A security vulnerability exists in the D-Link R15 that originates from the incorrect operation of the model name parameter during a password change request in the web administrator page, which could lead to command injection...

PT-2025-48741

Name of the Vulnerable Software and Affected Versions D-Link R15 AX1500 versions prior to 1.20.02 Description A flaw exists in D-Link R15 AX1500 that allows for command injection. The issue occurs due to manipulation of the model name parameter during a password change request on the web...

CVE-2025-60854

A vulnerability has been found in D-Link R15 AX1500 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd...

CVE-2023-41603

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6...

The vulnerability of the IPv6 Handler component in the D-Link R15 network device’s microprogramming software allows a hacker to gain unauthorized access to arbitrary services.

The vulnerability of the IPv6 Handler component in the D-Link R15 network device software is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to gain unauthorized access to arbitrary services...

CVE-2023-41603

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6...

Design/Logic Flaw

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6...

D-Link R15 安全漏洞

The D-Link R15 is a wireless router from China-based AUO D-Link. The D-Link R15 v1.08.02 suffers from a code issue vulnerability that stems from the device not including firewall restrictions for IPv6 traffic, which can be exploited by an attacker to arbitrarily access services on the device that...

CVE-2023-41603

Summary: CVE-2023-41603 affects the D-Link R15 router. Multiple sources list that prior to firmware version 1.08.02 the device did not enforce firewall restrictions for IPv6 traffic, allowing unauthenticated network access to services listening on IPv6. Affected product/versions: D-Link R15 firmw...

PT-2023-8524 · D Link · D-Link R15

Name of the Vulnerable Software and Affected Versions: D-Link R15 versions prior to 1.08.02 Description: The issue is related to a lack of firewall restrictions for IPv6 traffic, allowing attackers to access services running on the device that may be listening via IPv6. This can enable unauthoriz...