| शीर्षक | Dlink DIR-615 v4.10 OS Command Injection |
|---|
| विवरण | A **command injection vulnerability** exists in the MAC Filter configuration logic of the D-Link **DIR-615** firmware.
The firmware fails to properly sanitize the MAC address input provided by the user. When applying the MAC filter settings, the backend PHP script constructs a shell command to update firewall rules (`iptables`). By injecting shell metacharacters into the MAC address field, an authenticated attacker can execute arbitrary system commands with **root privileges**. |
|---|
| स्रोत | ⚠️ https://pentagonal-time-3a7.notion.site/DIR-615-MAC_FILTER-2e7e5dd4c5a58091b027f50271cc7c6a |
|---|
| उपयोगकर्ता | Anonymous User |
|---|
| सबमिशन | 13/01/2026 04:53 PM (5 महीनों पहले) |
|---|
| संयम | 27/01/2026 09:08 PM (14 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 343118 [D-Link DIR-615 4.10 MAC Filter Configuration /adv_mac_filter.php mac अधिकार वृद्धि] |
|---|
| अंक | 17 |
|---|