HomePentest-Tools.com Logo

D-Link DIR-815 Rev.B < 2.07 Multiple Vulnerabilities CVE-2015-0150CVE-2015-0151CVE-2015-0152CVE-2015-0153

Severity
CVSSv3 Score
7.5
Vulnerability description

D-Link Router DIR-815 Rev.B is prone to multiple vulnerabilities.

Risk description

The following vulnerabilities exist: - CVE-2015-0150: The remote administration UI allows remote attackers to bypass intended access restrictions via unspecified vectors. - CVE-2015-0151: Cross-site request forgery (CSRF) allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. - CVE-2015-0152, CVE-2015-0153: It is possible for remote attackers to obtain sensitive information by leveraging cleartext storage of the administrative password or the wireless key.

Recommendation

Upgrade to firmware version 1.20B01 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Apr 12, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available