Unrated severityNVD Advisory· Published Jan 26, 2026· Updated Feb 23, 2026
D-Link DIR-615 Web Management wiz_policy_3_machine.php os command injection
CVE-2026-1448
Description
A vulnerability was detected in D-Link DIR-615 up to 4.10. This impacts an unknown function of the file /wiz_policy_3_machine.php of the component Web Management Interface. Performing a manipulation of the argument ipaddr results in os command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
5- pentagonal-time-3a7.notion.site/DIR-615-v4-10-2e7e5dd4c5a580a5aac5c8ce35933396mitreexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
- www.dlink.commitreproduct
News mentions
0No linked articles in our index yet.