CVE-2021-42627

critical

Description

The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627

http://dlink.com

http://d-link.com

Details

Source: Mitre, NVD

Published: 2022-08-23

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.67443