Dir 615
by Dlink
CVEs (26)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-15839 | | Cri | 0.70 | 9.8 | 0.45 | | Aug 28, 2018 | D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header. |
| CVE-2013-10050 | | Hig | 0.67 | 8.8 | 0.10 | | Aug 1, 2025 | An OS command injection vulnerability exists in multiple D-Link routers (confirmed on DIR-300 rev A v1.05 and DIR-615 rev D v4.13) via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing… |
| CVE-2017-11436 | | Cri | 0.64 | 9.8 | 0.02 | | Jul 19, 2017 | D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which might allow remote attackers to obtain access via a TELNET connection. |
| CVE-2017-7406 | | Cri | 0.64 | 9.8 | 0.01 | | Jul 7, 2017 | The D-Link DIR-615 device before v20.12PTb04 doesn't use SSL for any of the authenticated pages. Also, it doesn't allow the user to generate his own SSL Certificate. An attacker can simply monitor network traffic to steal a user's credentials and/or credentials of users being… |
| CVE-2017-7405 | | Cri | 0.64 | 9.8 | 0.02 | | Jul 7, 2017 | On the D-Link DIR-615 before v20.12PTb04, once authenticated, this device identifies the user based on the IP address of his machine. By spoofing the IP address belonging to the victim's host, an attacker might be able to take over the administrative session without being… |
| CVE-2017-9542 | | Cri | 0.64 | 9.8 | 0.05 | | Jun 11, 2017 | D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device. |
| CVE-2017-7404 | | Hig | 0.57 | 8.8 | 0.01 | | Jul 7, 2017 | On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the Router's Web Interface visits a malicious site from another Browser tab, the malicious site then can send requests to the victim's Router without knowing the credentials (CSRF). An attacker can host a page… |
| CVE-2018-10431 | | Hig | 0.47 | 7.2 | 0.03 | | Apr 26, 2018 | D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen. |
| CVE-2018-15875 | | Med | 0.40 | 6.1 | 0.01 | | Aug 25, 2018 | Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows attackers to inject JavaScript into the router's admin UPnP page via the description field in an AddPortMapping UPnP SOAP request. |
| CVE-2018-15874 | | Med | 0.40 | 6.1 | 0.01 | | Aug 25, 2018 | Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows an attacker to inject JavaScript into the "Status -> Active Client Table" page via the hostname field in a DHCP request. |
| CVE-2013-10059 | | | 0.09 | — | 0.19 | | Aug 1, 2025 | An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sanitize input passed from the ping_ipaddr parameter to the tools_vct.htm… |
| CVE-2021-42627 | | | 0.06 | — | 0.67 | | Aug 23, 2022 | The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page. |
| CVE-2019-17525 | | | 0.04 | — | 0.06 | | Apr 21, 2020 | The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks. |
| CVE-2019-19743 | | | 0.04 | — | 0.09 | | Dec 16, 2019 | On D-Link DIR-615 devices, a normal user is able to create a root(admin) user from the D-Link portal. |
| CVE-2019-19742 | | | 0.03 | — | 0.20 | | Dec 18, 2019 | On D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field. |
| CVE-2024-0717 | | | 0.02 | — | 0.18 | | Jan 19, 2024 | A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S,… |
| CVE-2026-2152 | | | 0.00 | — | 0.05 | | Feb 8, 2026 | A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file adv_routing.php of the component Web Configuration Interface. Performing a manipulation of the argument dest_ip/ submask/ gw results in os command injection. The attack may be… |
| CVE-2026-2151 | | | 0.00 | — | 0.04 | | Feb 8, 2026 | A vulnerability has been found in D-Link DIR-615 4.10. This affects an unknown part of the file adv_firewall.php of the component DMZ Host Feature. Such manipulation of the argument dmz_ipaddr leads to os command injection. The attack can be launched remotely. The exploit has… |
| CVE-2026-1506 | | | 0.00 | — | 0.05 | | Jan 28, 2026 | A vulnerability was determined in D-Link DIR-615 4.10. Impacted is an unknown function of the file /adv_mac_filter.php of the component MAC Filter Configuration. This manipulation of the argument mac causes os command injection. The attack is possible to be carried out remotely.… |
| CVE-2026-1505 | | | 0.00 | — | 0.04 | | Jan 28, 2026 | A vulnerability was found in D-Link DIR-615 4.10. This issue affects some unknown processing of the file /set_temp_nodes.php of the component URL Filter. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and… |
Page 1 of 2