• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

dir-615_firmware

CVE-2018-15875

February 26, 2023 by

Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows attackers to inject JavaScript into the router’s admin UPnP page via the description field in an AddPortMapping UPnP SOAP request.

CVE-2018-15839

February 26, 2023 by

D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.

CVE-2018-15874

February 26, 2023 by

Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows an attacker to inject JavaScript into the “Status -> Active Client Table” page via the hostname field in a DHCP request.

CVE-2019-19742

February 26, 2023 by

On D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field.

CVE-2019-17525

February 26, 2023 by

The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks.

CVE-2019-17353

February 26, 2023 by

An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.

  • Go to page 1
  • Go to page 2
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE