id: CVE-2021-42627 info: name: D-Link DIR-615 - Unauthorized Access author: For3stCo1d severity: critical description: | D-Link DIR-615 devices with firmware 20.06 are susceptible to unauthorized access. An attacker can access the WAN configuration page wan.htm without authentication, which can lead to disclosure of WAN settings, data modification, and/or other unauthorized operations. remediation: | Apply the latest firmware update provided by D-Link to fix the vulnerability and ensure strong and unique passwords are set for router administration. reference: - https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627 - https://www.dlink.com/en/security-bulletin/ - https://nvd.nist.gov/vuln/detail/CVE-2021-42627 - http://d-link.com - http://dlink.com classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-42627 epss-score: 0.05731 epss-percentile: 0.92513 cpe: cpe:2.3:o:dlink:dir-615_firmware:20.06:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: dlink product: dir-615_firmware shodan-query: http.title:"Roteador Wireless" tags: cve,cve2021,d-link,router,unauth,dir-615,roteador http: - method: GET path: - "{{BaseURL}}/wan.htm" matchers-condition: and matchers: - type: word part: body words: - "src='menu.js?v=\"+Math.random()+\"'>\");" - "var ipv6conntype" condition: and - type: word part: header words: - Virtual Web - type: status status: - 200 # digest: 4b0a00483046022100cd08eb769f2a2f0846f5f988355ab5f59f89ef4b7953cf20976513a0cfaf304e022100f51cc1bb2acb16654f011c16f0c73ae50e07f180930178d58840bb8da8c5b957:922c64590222798bb761d5b6d8e72950