PT-2026-5053 · D Link · Dir-615

Zephyr369

Publicado

2026-01-13

Atualizado

2026-02-02

CVE-2026-1505

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions D-Link DIR-615 version 4.10

Description A flaw exists in the URL Filter component of D-Link DIR-615 version 4.10, specifically in the processing of the /set temp nodes.php file. This allows for os command injection, which can be triggered remotely. The exploit for this issue has been publicly released. This vulnerability impacts products that are no longer supported by the maintainer. The vulnerable file is /set temp nodes.php.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

OS Command Injection

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78CWE-77

Identificadores relacionados

BDU:2026-01127

CVE-2026-1505

Produtos afetados

Dir-615

PT-2026-5053 · D Link · Dir-615

CVE-2026-1505

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13