CVE-2018-15515
First published: Thu Jan 31 2019(Updated: )
The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from the CaptivelPortal.exe subdirectory under the D-Link directory, which allows unprivileged local users to gain SYSTEM privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dlink Central Wifimanager | =1.03_r0098 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-15515?
CVE-2018-15515 is a vulnerability that allows unprivileged local users to gain SYSTEM privileges on D-Link Central WiFiManager CWM-100 1.03 r0098 devices.
What is the severity of CVE-2018-15515?
CVE-2018-15515 has a severity level of 7.8 (High).
How does CVE-2018-15515 work?
CVE-2018-15515 works by loading a Trojan horse "quserex.dll" from the CaptivelPortal.exe subdirectory, allowing unprivileged local users to gain SYSTEM privileges.
Which software versions are affected by CVE-2018-15515?
CVE-2018-15515 affects D-Link Central WiFiManager CWM-100 1.03 r0098 devices.
How can I fix the CVE-2018-15515 vulnerability?
To fix the CVE-2018-15515 vulnerability, it is recommended to update the D-Link Central WiFiManager CWM-100 device to a patched version provided by the vendor.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/dlink
- canonical/dlink central wifimanager
- version/dlink central wifimanager/1.03_r0098