Skip to main content

R15 Firmware

2 CVEs product

Monthly

CVE-2025-60854 CRITICAL Act Now

A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd.

Command Injection R15 Firmware D-Link
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2023-41603 MEDIUM PATCH This Month

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass D-Link R15 Firmware
NVD
CVSS 3.1
5.3
EPSS
0.2%
EPSS 0% CVSS 9.8
CRITICAL Act Now

A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd.

Command Injection R15 Firmware D-Link
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass D-Link R15 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy