CVE-2021-42627

The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.

Published: Aug 23, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-42627
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
dlink / dir-615_firmware	20.06	20.06.x
dlink / dir-615_j1_firmware	20.06	20.06.x
dlink / dir-615_t1_firmware	20.06	20.06.x
dlink / dir-615jx10_firmware	20.06	20.06.x

http://d-link.com
http://dlink.com
https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627
https://www.dlink.com/en/security-bulletin/

Vulnerability Database

CVE-2021-42627

Deep Security Visibility Without the Complexity