The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.
References
Link | Resource |
---|---|
http://d-link.com | Broken Link |
http://dlink.com | Product |
https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627 | Third Party Advisory |
https://www.dlink.com/en/security-bulletin/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
26 Apr 2023, 18:55
Type | Values Removed | Values Added |
---|---|---|
First Time |
Dlink dir-615
|
|
CPE | cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:* |
25 Aug 2022, 02:05
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:dlink:dir-615_j1_firmware:20.06:*:*:*:*:*:*:* cpe:2.3:o:dlink:dir-615_firmware:20.06:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-615_j1:-:*:*:*:*:*:*:* cpe:2.3:h:d-link:dir-615:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-615_t1:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dir-615jx10_firmware:20.06:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-615jx10:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dir-615_t1_firmware:20.06:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-Other | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
First Time |
Dlink dir-615 Firmware
Dlink dir-615 J1 Dlink Dlink dir-615 T1 Dlink dir-615 T1 Firmware D-link dir-615 D-link Dlink dir-615 J1 Firmware Dlink dir-615jx10 Dlink dir-615jx10 Firmware |
|
References | (MISC) https://www.dlink.com/en/security-bulletin/ - Vendor Advisory | |
References | (MISC) https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627 - Third Party Advisory | |
References | (MISC) http://d-link.com - Broken Link | |
References | (MISC) http://dlink.com - Product |
23 Aug 2022, 12:58
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-23 12:15
Updated : 2023-12-10 14:35
NVD link : CVE-2021-42627
Mitre link : CVE-2021-42627
CVE.ORG link : CVE-2021-42627
JSON object : View
Products Affected
dlink
- dir-615
- dir-615_t1_firmware
- dir-615jx10_firmware
- dir-615jx10
- dir-615_j1_firmware
- dir-615_j1
- dir-615_firmware
- dir-615_t1
CWE