Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor D-link Subscribe
Filtered by product Dir-815 Firmware
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-0150 1 D-link 2 Dir-815, Dir-815 Firmware 2018-05-18 7.5 HIGH 9.8 CRITICAL
The remote administration UI in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2018-10108 1 D-link 2 Dir-815, Dir-815 Firmware 2018-05-18 4.3 MEDIUM 6.1 MEDIUM
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the Treturn parameter to /htdocs/webinc/js/bsc_sms_inbox.php.
CVE-2018-10107 1 D-link 2 Dir-815, Dir-815 Firmware 2018-05-18 4.3 MEDIUM 6.1 MEDIUM
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the RESULT parameter to /htdocs/webinc/js/info.php.
CVE-2018-10106 1 D-link 2 Dir-815, Dir-815 Firmware 2018-05-18 7.5 HIGH 9.8 CRITICAL
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED_GROUP%3D1 request.
CVE-2015-0153 1 D-link 2 Dir-815, Dir-815 Firmware 2018-05-18 5.0 MEDIUM 7.5 HIGH
D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the wireless key.
CVE-2014-8888 1 D-link 2 Dir-815, Dir-815 Firmware 2018-05-18 10.0 HIGH 9.8 CRITICAL
The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02 allows remote attackers to execute arbitrary commands via vectors related to an "HTTP command injection issue."
CVE-2015-0152 1 D-link 2 Dir-815, Dir-815 Firmware 2018-05-18 5.0 MEDIUM 9.8 CRITICAL
D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the administrative password.
CVE-2015-0151 1 D-link 2 Dir-815, Dir-815 Firmware 2018-05-16 6.8 MEDIUM 8.8 HIGH
Cross-site request forgery (CSRF) vulnerability in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.