CVE-2017-9542
CRITICALD-Link DIR-615 Wireless N 300 Router - Auth Bypass
Title source: llmDescription
D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device.
References (3)
Core 3
Core References
Third Party Advisory x_refsource_misc
https://twitter.com/tiger_tigerboy/status/873458088321220609
Permissions Required x_refsource_misc
https://www.facebook.com/tigerBOY777/videos/1368513696568992/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98992
Scores
CVSS v3
9.8
EPSS
0.0507
EPSS Percentile
91.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (1)
d-link/dir-615_firmware
Published
Jun 11, 2017
Tracked Since
Feb 18, 2026