Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the Router's Web Interface visits a malicious site from another Browser tab, the malicious site then can send requests to the victim's Router without knowing the credentials (CSRF). An attacker can host a page that sends a POST request to Form2File.htm that tries to upload Firmware to victim's Router. This causes the router to reboot/crash resulting in Denial of Service. An attacker may succeed in uploading malicious Firmware.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
D-Link DIR-615 跨站请求伪造漏洞
Vulnerability Description
D-Link DIR-615是中国台湾友讯(D-Link)公司的一款无线路由器。 D-Link DIR-615 20.12PTb04之前的版本中存在跨站请求伪造漏洞。攻击者可借助恶意的网站利用该漏洞造成拒绝服务(路由器重启/崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A