Remote Code Execution Vulnerability in D-Link DIR-615 Router
CVE-2009-4821

Currently unrated

Key Information:

Vendor: D-Link
Status: Dir-615
Vendor: CVE Published:; 27 April 2010

Summary

The D-Link DIR-615 router with firmware version 3.10NA has a significant vulnerability that allows remote attackers to gain unauthorized access to the device. By exploiting the lack of administrative authentication on apply.cgi, attackers can change the admin password, disable Wi-Fi security settings, and alter DNS configurations. This exposes users to potential data interception and network hijacking.

References

http://www.securityfocus.com/bid/37415

vdb-entryx_refsource_BID

http://secunia.com/advisories/37777

third-party-advisoryx_refsource_SECUNIA

http://www.hiredhacker.com/2009/12/15/d-link-dir-615-remo...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 27, 2010