Critical severity9.8CISA KEVNVD Advisory· Published Sep 21, 2017· Updated Apr 21, 2026

CVE-2015-1187

Description

The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.

Affected products

Dlink/Dir 626l Firmware
cpe:2.3:o:dlink:dir-626l_firmware:1.04:b04:*:*:*:*:*:*
Dlink/Dir 636l Firmware
cpe:2.3:o:dlink:dir-636l_firmware:1.04:*:*:*:*:*:*:*
Dlink/Dir 651 Firmware
cpe:2.3:o:dlink:dir-651_firmware:1.10na:b02:*:*:*:*:*:*
Dlink/Dir 808l Firmware
cpe:2.3:o:dlink:dir-808l_firmware:1.03:b05:*:*:*:*:*:*
Dlink/Dir 810l Firmware2 versions
cpe:2.3:o:dlink:dir-810l_firmware:1.01:b04:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:dlink:dir-810l_firmware:1.01:b04:*:*:*:*:*:*
- cpe:2.3:o:dlink:dir-810l_firmware:2.02:b01:*:*:*:*:*:*
Dlink/Dir 820l Firmware3 versions
cpe:2.3:o:dlink:dir-820l_firmware:1.02:b10:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:dlink:dir-820l_firmware:1.02:b10:*:*:*:*:*:*
- cpe:2.3:o:dlink:dir-820l_firmware:1.05:b03:*:*:*:*:*:*
- cpe:2.3:o:dlink:dir-820l_firmware:2.01:b02:*:*:*:*:*:*
Dlink/Dir 826l Firmware
cpe:2.3:o:dlink:dir-826l_firmware:1.00:b23:*:*:*:*:*:*
Dlink/Dir 830l Firmware
cpe:2.3:o:dlink:dir-830l_firmware:1.00:b07:*:*:*:*:*:*
Dlink/Dir 836l Firmware
cpe:2.3:o:dlink:dir-836l_firmware:1.01:b03:*:*:*:*:*:*
Trendnet/Tew 651br Firmware
cpe:2.3:o:trendnet:tew-651br_firmware:-:*:*:*:*:*:*:*
Trendnet/Tew 652br Firmware
cpe:2.3:o:trendnet:tew-652br_firmware:-:*:*:*:*:*:*:*
Trendnet/Tew 711br Firmware
cpe:2.3:o:trendnet:tew-711br_firmware:1.00:b31:*:*:*:*:*:*
Trendnet/Tew 731br Firmware
cpe:2.3:o:trendnet:tew-731br_firmware:2.01:b01:*:*:*:*:*:*
Trendnet/Tew 810dr Firmware
cpe:2.3:o:trendnet:tew-810dr_firmware:1.00:b19:*:*:*:*:*:*
Trendnet/Tew 813dru Firmware
cpe:2.3:o:trendnet:tew-813dru_firmware:1.00:b23:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/131465/D-Link-TRENDnet-NCC-Service-Command-Injection.htmlnvdExploitThird Party AdvisoryVDB Entry
packetstormsecurity.com/files/130607/D-Link-DIR636L-Remote-Command-Injection.htmlnvdIssue TrackingThird Party AdvisoryVDB Entry
seclists.org/fulldisclosure/2015/Mar/15nvdIssue TrackingMailing ListThird Party Advisory
securityadvisories.dlink.com/security/publication.aspxnvdVendor Advisory
www.securityfocus.com/bid/72848nvdBroken LinkThird Party AdvisoryVDB Entry
github.com/darkarnium/secpub/tree/master/Multivendor/ncc2nvdBroken LinkIssue TrackingMitigationThird Party Advisory
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.066
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000