Lucene search
K
DlinkDir-615

5 matches found

CVE
CVE
added 2017/07/07 12:0 p.m.63 views

CVE-2017-7405

CVE-2017-7405 affects D-Link DIR-615 before firmware v20.12PTb04. After authentication, an attacker can hijack an admin session by spoofing the user’s IP address; IP sniffing can reveal victim and router IPs, and if web access is used behind NAT/Proxy, the attacker can take over the session witho...

9.8CVSS9.4AI score0.01558EPSS
CVE
CVE
added 2017/07/07 12:0 p.m.53 views

CVE-2017-7406

The CVE-2017-7406 issue affects the D-Link DIR-615 prior to firmware v20.12PTb04, where authenticated pages do not use SSL and users cannot generate their own SSL certificates. This enables credential theft through network traffic sniffing. Remediation is to upgrade to firmware v20.12PTb04 or lat...

9.8CVSS9.1AI score0.00685EPSS
CVE
CVE
added 2017/07/19 7:0 a.m.51 views

CVE-2017-11436

CVE-2017-11436 affects the D-Link DIR-615 router (pre-20.12PTb04) with a second admin account containing a 0x1 BACKDOOR value, which could allow remote attackers to gain administrator access via TELNET. The vulnerability is documented across multiple sources (NVD/CNVD) with impact described as re...

9.8CVSS9.2AI score0.02026EPSS
CVE
CVE
added 2017/07/07 12:0 p.m.50 views

CVE-2017-7404

The CVE references a CSRF vulnerability in the Web Interface of the D-Link DIR-615 (pre‑v20.12PTb04). Attackers can lure a logged‑in user to a malicious page which sends a POST to Form2File.htm, uploading firmware without credentials and potentially rebooting/crashing the device (DoS) or enabling...

8.8CVSS8.5AI score0.00606EPSS
CVE
CVE
added 2010/04/27 3:0 p.m.47 views

CVE-2009-4821

CVE-2009-4821 affects the D-Link DIR-615 router (firmware 3.10NA). The vulnerability is that apply.cgi does not require administrative authentication, allowing remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the Wi‑Fi security requirement via unspec...

5CVSS7.5AI score0.01328EPSS