Sign-up

ID

VAR-E-201302-0306


TITLE

D-Link DIR-615 Multiple Remote Security Vulnerabilities

Trust: 0.3

sources: BID: 57882

DESCRIPTION

D-Link DIR-615 is prone to multiple security vulnerabilities, including:
1. A remote command-injection vulnerability
2. An information-disclosure vulnerability
3. A cross-site request-forgery vulnerability
Exploiting these issues could allow an attacker to disclose sensitive information, perform arbitrary actions, or execute arbitrary commands in the context of the affected device.

Trust: 0.3

sources: BID: 57882

AFFECTED PRODUCTS

vendor:d linkmodel:dir-615scope:eqversion:0

Trust: 0.3

sources: BID: 57882

EXPLOIT

Attackers can use a browser to exploit these issues. To exploit the cross-site request-forgery vulnerability an attacker must entice an unsuspecting victim into following a malicious URI.
Example URIs and requests are available. Please see the references for more information.
The following example exploit code is available:
Bullet list:
<li><a href="/data/vulnerabilities/exploits/57882.rb">/data/vulnerabilities/exploits/57882.rb</a></li>

Trust: 0.3

sources: BID: 57882

PRICE

Free

Trust: 0.3

sources: BID: 57882

TYPE

Unknown

Trust: 0.3

sources: BID: 57882

CREDITS

Michael Messner

Trust: 0.3

sources: BID: 57882

EXTERNAL IDS

db:BIDid:57882

Trust: 0.3

sources: BID: 57882

REFERENCES

url:http://www.dlink.com/

Trust: 0.3

sources: BID: 57882

SOURCES

db:BIDid:57882

LAST UPDATE DATE

2022-07-27T09:30:15.587000+00:00


SOURCES UPDATE DATE

db:BIDid:57882date:2013-05-20T10:23:00

SOURCES RELEASE DATE

db:BIDid:57882date:2013-02-11T00:00:00