Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-42627

The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.

Published

2022-08-23T12:15:08.487

Last Modified

2024-11-21T06:27:52.553

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dlink	dir-615_firmware	20.06	Yes
Hardware	dlink	dir-615	-	No
Operating System	dlink	dir-615_j1_firmware	20.06	Yes
Hardware	dlink	dir-615_j1	-	No
Operating System	dlink	dir-615_t1_firmware	20.06	Yes
Hardware	dlink	dir-615_t1	-	No
Operating System	dlink	dir-615jx10_firmware	20.06	Yes
Hardware	dlink	dir-615jx10	-	No

References

http://d-link.com Broken Link ([email protected])
http://dlink.com Product ([email protected])
https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627 Third Party Advisory ([email protected])
https://www.dlink.com/en/security-bulletin/ Vendor Advisory ([email protected])
http://d-link.com Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://dlink.com Product (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.dlink.com/en/security-bulletin/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)