PT-2026-5053 · D Link · Dir-615
Zephyr369
·
Published
2026-01-13
·
Updated
2026-02-02
·
CVE-2026-1505
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-615 version 4.10
Description
A flaw exists in the URL Filter component of D-Link DIR-615 version 4.10, specifically in the processing of the
/set temp nodes.php file. This allows for os command injection, which can be triggered remotely. The exploit for this issue has been publicly released. This vulnerability impacts products that are no longer supported by the maintainer. The vulnerable file is /set temp nodes.php.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
OS Command Injection
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Dir-615