Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17353 | 1 Dlink | 2 Dir-615, Dir-615 Firmware | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page. | |||||
| CVE-2018-15875 | 1 Dlink | 2 Dir-615, Dir-615 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows attackers to inject JavaScript into the router's admin UPnP page via the description field in an AddPortMapping UPnP SOAP request. | |||||
| CVE-2018-15874 | 1 Dlink | 2 Dir-615, Dir-615 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows an attacker to inject JavaScript into the "Status -> Active Client Table" page via the hostname field in a DHCP request. | |||||
| CVE-2018-15839 | 1 Dlink | 2 Dir-615, Dir-615 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header. | |||||
| CVE-2018-10431 | 2 D-link, Dlink | 2 Dir-615 Firmware, Dir-615 | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen. | |||||