Dir-615 firmware

This hub aggregates every CVE we track for Dir-615 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Dir-615 firmware.

• CVE-2026-2152D-Link DIR-615 Web Configuration adv_routing.php os command injection7.2Feb 8, 2026
• CVE-2026-2151D-Link DIR-615 DMZ Host Feature adv_firewall.php os command injection7.2Feb 8, 2026
• CVE-2026-1506D-Link DIR-615 MAC Filter Configuration adv_mac_filter.php os command injection7.2Jan 28, 2026
• CVE-2026-1505D-Link DIR-615 URL Filter set_temp_nodes.php os command injection7.2Jan 28, 2026
• CVE-2026-1448D-Link DIR-615 Web Management wiz_policy_3_machine.php os command injection7.2Jan 26, 2026
• CVE-2018-25115D-Link DIR-110/412/600/615/645/815 RCE via service.cgi9.8Aug 27, 2025
• CVE-2013-10050D-Link Devices tools_vct.xgi Authenticated RCE8.8Aug 1, 2025
• CVE-2024-0717D-Link Good Line Router v2 HTTP GET Request devinfo information disclosure5.3Jan 19, 2024
• CVE-2021-42627The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and ...9.8Aug 23, 2022
• CVE-2021-40654An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page6.5Sep 24, 2021
• CVE-2021-37388A buffer overflow in D-Link DIR-615 C2 3.03WW. The ping_ipaddr parameter in ping_response.cgi POST request allows an attacker to crash the webserver and might even gain remote code execution.9.8Aug 6, 2021
• CVE-2019-17525The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks.8.8Apr 21, 2020
• CVE-2019-19742On D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field.4.8Dec 18, 2019
• CVE-2019-17353An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the W...8.2Oct 9, 2019
• CVE-2019-16920Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device...KEV9.8Sep 27, 2019