D-Link DIR-615 HW: T1 FW:20.09 Cross-Site Request Forgery (CSRF) Vulnerability

D-Link DIR-615 HW: T1 FW:20.09 Cross-Site Request Forgery (CSRF) Vulnerability

CVE-2017-7398 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an attacker to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option from WPA2 to None, or changing the hiddenSSID parameter, SSID parameter, or a security-option password.

Learn more about our User Device Pen Test.