Vulnerability Description
The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dir-615 Firmware | 20.06 |
| Dlink | Dir-615 | - |
| Dlink | Dir-615 J1 Firmware | 20.06 |
| Dlink | Dir-615 J1 | - |
| Dlink | Dir-615 T1 Firmware | 20.06 |
| Dlink | Dir-615 T1 | - |
| Dlink | Dir-615Jx10 Firmware | 20.06 |
| Dlink | Dir-615Jx10 | - |
References
- http://d-link.comBroken Link
- http://dlink.comProduct
- https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627Third Party Advisory
- https://www.dlink.com/en/security-bulletin/Vendor Advisory
- http://d-link.comBroken Link
- http://dlink.comProduct
- https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627Third Party Advisory
- https://www.dlink.com/en/security-bulletin/Vendor Advisory
FAQ
What is CVE-2021-42627?
CVE-2021-42627 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and als...
How severe is CVE-2021-42627?
CVE-2021-42627 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-42627?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-615 Firmware, Dlink Dir-615, Dlink Dir-615 J1 Firmware, Dlink Dir-615 J1, Dlink Dir-615 T1 Firmware.