Critical severity9.8NVD Advisory· Published Oct 26, 2017· Updated May 13, 2026
CVE-2017-15909
CVE-2017-15909
Description
D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access.
Affected products
3cpe:2.3:o:dlink:dgs-1500_firmware:2.10.002:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:dlink:dgs-1500_firmware:2.10.002:*:*:*:*:*:*:*
- cpe:2.3:o:dlink:dgs-1500_firmware:2.50.008:*:*:*:*:*:*:*
- cpe:2.3:o:dlink:dgs-1500_firmware:2.51.005:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- ftp2.dlink.com/PRODUCTS/DGS-1500-20/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdfnvdVendor Advisory
- ftp2.dlink.com/PRODUCTS/DGS-1500-28/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdfnvdVendor Advisory
- ftp2.dlink.com/PRODUCTS/DGS-1500-28P/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdfnvdVendor Advisory
- ftp2.dlink.com/PRODUCTS/DGS-1500-52/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdfnvdVendor Advisory
News mentions
0No linked articles in our index yet.