CVE-2017-9542

critical

Description

D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device.

References

https://www.facebook.com/tigerBOY777/videos/1368513696568992/

https://twitter.com/tiger_tigerboy/status/873458088321220609

http://www.securityfocus.com/bid/98992

Details

Source: Mitre, NVD

Published: 2017-06-11

Updated: 2025-04-20

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical