CVE-2021-42627

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions D-Link DIR-615 version 20.06

Description The issue allows unauthorized access to the WAN configuration page "wan.htm" without authentication, potentially disclosing WAN settings information and enabling attackers to modify data fields on the page.

Recommendations For version 20.06, consider restricting access to the "wan.htm" page until a patch is available. As a temporary workaround, limit access to the device's configuration interface to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-42627

Affected Products

Dir-615

CVE-2021-42627

Related Identifiers

Affected Products

References · 6