CVE-2017-9542
First published: Sun Jun 11 2017(Updated: )
D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-615GF Firmware | ||
| D-Link DIR-615 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-9542?
CVE-2017-9542 has a high severity rating due to the potential for unauthorized access to the affected device.
How do I fix CVE-2017-9542?
To fix CVE-2017-9542, update the firmware of the D-Link DIR-615 router to the latest version provided by D-Link.
What are the consequences of exploiting CVE-2017-9542?
Exploitation of CVE-2017-9542 allows an attacker to bypass authentication and take control of the router.
Is CVE-2017-9542 present in all D-Link DIR-615 routers?
CVE-2017-9542 affects specific firmware versions of the D-Link DIR-615 router, not all models.
How can I check if my device is affected by CVE-2017-9542?
You can check if your D-Link DIR-615 device is affected by verifying the firmware version against the known vulnerable versions.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/d-link
- canonical/d-link dir-615gf firmware
- vendor/dlink
- canonical/d-link dir-615