D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.
9.8CVSS
9.7AI Score
0.684EPSS
Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows an attacker to inject JavaScript into the "Status -> Active Client Table" page via the hostname field in a DHCP request.
6.1CVSS
6AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows attackers to inject JavaScript into the router's admin UPnP page via the description field in an AddPortMapping UPnP SOAP request.
6.1CVSS
6AI Score
0.001EPSS