This page lists publicly disclosed CVE vulnerabilities affecting d-link dir-615_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-10431 | D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen. | [email protected] | 7.2 | 2.37% | 2018-04-26 | 2024-11-21 |
| CVE-2017-9542 | D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device. | [email protected] | 9.8 | 2.16% | 2017-06-11 | 2026-05-13 |
| CVE-2017-7398 | D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an attacker to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option from WPA2 to None, or changing the hiddenSSID parameter, SSID parameter, or a security-option password. | [email protected] | 8.8 | 0.37% | 2017-04-04 | 2026-05-13 |