216.73.216.89

CVE-2026-2152

· Published 08/02/2026 13:16 · Modified 09/02/2026 16:08

Labels: CVE-2026-2152 2026-02-08CVE-2026-2152CWE-77[email protected]

Essential information

Published
08/02/2026 13:16
Modified
09/02/2026 16:08
Author
Creator
CVSS
7.3 HIGH (v3) 7.3 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file adv_routing.php of the component Web Configuration Interface. Performing a manipulation of the argument dest_ip/ submask/ gw results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
d-link / dir-615 cpe:2.3:a:d-link:dir-615:4.10:*:*:*:*:*:*:*

References