Sign-up

ID

VAR-202004-2244


TITLE

D-Link DIR-615 privilege elevation vulnerability

Trust: 0.6

sources: CNVD: CNVD-2020-22294

DESCRIPTION

D-Link DIR-615 is a wireless router from D-Link, Taiwan. D-Link DIR-615 has a privilege escalation vulnerability. The vulnerability stems from the program's failure to complete verification and error detection of the file path. Attackers can use the REST API to upload malicious software to exploit this vulnerability to elevate permissions.

Trust: 0.6

sources: CNVD: CNVD-2020-22294

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-22294

AFFECTED PRODUCTS

vendor:d linkmodel:dir-615scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2020-22294

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2020-22294
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2020-22294
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2020-22294

PATCH

title:Patch for D-Link DIR-615 privilege elevation vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/213427

Trust: 0.6

sources: CNVD: CNVD-2020-22294

EXTERNAL IDS

db:PACKETSTORMid:155668

Trust: 0.6

db:CXSECURITYid:WLB-2019120072

Trust: 0.6

db:CNVDid:CNVD-2020-22294

Trust: 0.6

sources: CNVD: CNVD-2020-22294

REFERENCES

url:https://packetstormsecurity.com/files/155668/d-link-dir-615-privilege-escalation.html

Trust: 0.6

url:https://cxsecurity.com/issue/wlb-2019120072

Trust: 0.6

sources: CNVD: CNVD-2020-22294

SOURCES

db:CNVDid:CNVD-2020-22294

LAST UPDATE DATE

2022-05-17T02:09:42.146000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-22294date:2020-04-11T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-22294date:2020-04-11T00:00:00