Pratik S. Shah

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-615 version 20.09 **Description** The issue allows an attacker to perform unwanted actions on a wireless router for which the user or admin is currently authenticated. This can be demonstrated by changing the Security option from WPA2 to None, or modifying the `hiddenSSID` parameter, `SSID` parameter, or a security-option `password`. **Recommendations** For D-Link DIR-615 version 20.09, consider disabling access to the web interface until a patch is available to prevent exploitation of the Cross-Site Request Forgery issue. Restrict access to the router's configuration page to minimize the risk of unauthorized changes. Avoid using the router's web interface for sensitive operations until the issue is resolved.