CVE-2017-9542
Summary
| CVE | CVE-2017-9542 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-06-11 23:29:00 UTC |
| Updated | 2023-04-26 18:55:00 UTC |
| Description | D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | D-link | Dir-615 | - | All | All | All |
| Hardware | D-link | Dir-615 | - | All | All | All |
| Operating System | D-link | Dir-615 Firmware | All | All | All | All |
| Operating System | D-link | Dir-615 Firmware | All | All | All | All |
| Hardware | Dlink | Dir-615 | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Sachin Wagh - #I_am_Back #After_Long_Days... | MISC | www.facebook.com | Permissions Required |
| Sachin Wagh na Twitterze: "D-Link DIR-615 Wireless N 300 Router Authentication Bypass Vulnerability https://t.co/k6Q8eu4RKv" | MISC | twitter.com | Third Party Advisory |
| D-Link DIR-615 Wireless N 300 Router CVE-2017-9542 Authentication Bypass Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.