CVE-2017-9542

Published: Jun 11, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device.

Affected (1)

Products: D Link: Dir 615 Firmware

1 product

Dir 615 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
D Link Dir 615 Firmware	All versions

Running on/with	Platform Versions
Dlink Dir 615	All versions

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

http://www.securityfocus.com/bid/98992

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://twitter.com/tiger_tigerboy/status/873458088321220609

Source: cve@mitre.org

Third Party Advisory

https://www.facebook.com/tigerBOY777/videos/1368513696568992/

Source: cve@mitre.org

Permissions Required

http://www.securityfocus.com/bid/98992

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://twitter.com/tiger_tigerboy/status/873458088321220609

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.facebook.com/tigerBOY777/videos/1368513696568992/

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

Timeline

No history available yet.