CNNVD-202601-4431 Information

CNNVD ID

CNNVD-202601-4431

Related CVE

CVE-2026-1448

• CNNVD Published: 2026-01-27

Description (Chinese)

D-Link DIR-615是中国友讯（D-Link）公司的一款无线路由器。 D-Link DIR-615 4.10及之前版本存在操作系统命令注入漏洞，该漏洞源于对组件Web Management Interface中文件/wiz_policy_3_machine.php参数ipaddr的错误操作，可能导致os命令注入。

Description (English)

D-Link DIR-615 is a wireless router for the Chinese company D-Link. D-Link DIR-615 4.10 and previous versions have incorporated a loophole in the operating system command, which stems from an error in the file/wiz policy 3 machine.php parameter ipaddr of the component Web Management Interface, which may lead to an Os command injection.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

友讯

Published

2026-01-27

Last Modified

2026-02-24

References

https://pentagonal-time-3a7.notion.site/DIR-615-v4-10-2e7e5dd4c5a580a5aac5c8ce35933396?pvs=73 https://vuldb.com/?ctiid.342880 https://vuldb.com/?id.342880 https://vuldb.com/?submit.737006 https://www.dlink.com/