id: CVE-2021-42627 info: name: D-Link DIR-615 - Unauthorized Access author: For3stCo1d severity: critical description: | D-Link DIR-615 devices with firmware 20.06 are susceptible to unauthorized access. An attacker can access the WAN configuration page wan.htm without authentication, which can lead to disclosure of WAN settings, data modification, and/or other unauthorized operations. impact: | Successful exploitation of this vulnerability can lead to unauthorized access to the router, potentially compromising the network and exposing sensitive information. remediation: | Apply the latest firmware update provided by D-Link to fix the vulnerability and ensure strong and unique passwords are set for router administration. reference: - https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627 - https://www.dlink.com/en/security-bulletin/ - https://nvd.nist.gov/vuln/detail/CVE-2021-42627 - http://d-link.com - http://dlink.com classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-42627 epss-score: 0.06041 epss-percentile: 0.92756 cpe: cpe:2.3:o:dlink:dir-615_firmware:20.06:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: dlink product: dir-615_firmware shodan-query: http.title:"Roteador Wireless" tags: cve2021,cve,d-link,router,unauth,dir-615,roteador,dlink http: - method: GET path: - "{{BaseURL}}/wan.htm" matchers-condition: and matchers: - type: word part: body words: - "src='menu.js?v=\"+Math.random()+\"'>\");" - "var ipv6conntype" condition: and - type: word part: header words: - Virtual Web - type: status status: - 200 # digest: 4a0a0047304502203e22fd9309234ae4d2513841e9ceef53dddf229c2e8f3f8a05fecacf6d14b8f6022100af935d2e0b7436e168af5394f37f3ac961849c339a95a43db8a813ad0f38b7fc:922c64590222798bb761d5b6d8e72950