Sign-up

ID

VAR-202601-3982


CVE

CVE-2026-1505


DESCRIPTION

A vulnerability was found in D-Link DIR-615 4.10. This issue affects some unknown processing of the file /set_temp_nodes.php of the component URL Filter. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

Trust: 1.0

sources: NVD: CVE-2026-1505

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-615scope:eqversion:4.10

Trust: 1.0

sources: NVD: CVE-2026-1505

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2026-1505
value: HIGH

Trust: 1.0

cna@vuldb.com: CVE-2026-1505
severity: HIGH
baseScore: 8.3
vectorString: AV:N/AC:L/AU:M/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: MULTIPLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

cna@vuldb.com: CVE-2026-1505
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2026-1505

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

problemtype:CWE-77

Trust: 1.0

sources: NVD: CVE-2026-1505

EXTERNAL IDS

db:VULDBid:343117

Trust: 1.0

db:NVDid:CVE-2026-1505

Trust: 1.0

sources: NVD: CVE-2026-1505

REFERENCES

url:https://vuldb.com/?submit.737061

Trust: 1.0

url:https://pentagonal-time-3a7.notion.site/d-link-dir-615-2e7e5dd4c5a580109a14fdeb6f105cd6

Trust: 1.0

url:https://vuldb.com/?ctiid.343117

Trust: 1.0

url:https://vuldb.com/?id.343117

Trust: 1.0

url:https://www.dlink.com/

Trust: 1.0

sources: NVD: CVE-2026-1505

SOURCES

db:NVDid:CVE-2026-1505

LAST UPDATE DATE

2026-01-31T23:36:00.053000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2026-1505date:2026-01-30T21:47:30.330

SOURCES RELEASE DATE

db:NVDid:CVE-2026-1505date:2026-01-28T02:16:00.083