Download
| Alert*
|
CVE-2017-7404
On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the Router's Web Interface visits a malicious site from another Browser tab, the malicious site then can send requests to the victim's Router without knowing the credentials (CSRF). An attacker can host a page that sends a POST reque ... CVE-2018-15839 D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header. CVE-2019-17353 An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page. CVE-2019-19742 On D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field. |
