Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17353 | 1 Dlink | 2 Dir-615, Dir-615 Firmware | 2021-04-23 | 6.4 MEDIUM | 8.2 HIGH |
| An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page. | |||||
| CVE-2017-7404 | 1 Dlink | 1 Dir-615 | 2021-04-23 | 6.8 MEDIUM | 8.8 HIGH |
| On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the Router's Web Interface visits a malicious site from another Browser tab, the malicious site then can send requests to the victim's Router without knowing the credentials (CSRF). An attacker can host a page that sends a POST request to Form2File.htm that tries to upload Firmware to victim's Router. This causes the router to reboot/crash resulting in Denial of Service. An attacker may succeed in uploading malicious Firmware. | |||||
| CVE-2019-17525 | 1 Dlink | 2 Dir-615, Dir-615 Firmware | 2020-06-04 | 4.0 MEDIUM | 8.8 HIGH |
| The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks. | |||||