Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-41603

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6.

Published

2024-01-10T08:15:37.740

Last Modified

2025-06-17T16:15:23.090

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dlink	r15_firmware	≤ 1.08.02	Yes
Hardware	dlink	r15	-	No

References

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10347 Patch, Vendor Advisory ([email protected])
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10347 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)