Vulnerabilities > CVE-2021-42627 - Unspecified vulnerability in Dlink products

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

dlink

critical

NVD

Published: 2022-08-23

Updated: 2023-04-26

Summary

The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.

Vulnerable Configurations

Part	Description	Count
OS	Dlink Dlink DIR 615 Firmware 20.06 Dlink DIR 615 J1 Firmware 20.06 Dlink DIR 615 T1 Firmware 20.06 Dlink DIR 615Jx10 Firmware 20.06	4
Hardware	Dlink Dlink DIR 615 - Dlink DIR 615 J1 - Dlink DIR 615 T1 - Dlink DIR 615Jx10 -	4

References

https://www.dlink.com/en/security-bulletin/
https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627
http://d-link.com
http://dlink.com