CVE-2023-41603

Published: Jan 10, 2024Modified: Jun 17, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6.

Affected (1)

Products: Dlink: R15 Firmware

Dlink

1 product

R15 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink R15 Firmware	Up to 1.08.02

Running on/with	Platform Versions
Dlink R15	All versions

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10347

Source: cve@mitre.org

PatchVendor Advisory

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10347

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.