VAR-202508-0048
Vulnerability from variot - Updated: 2025-10-02 23:30An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sanitize input passed from the ping_ipaddr parameter to the tools_vct.htm diagnostic interface, allowing attackers to inject arbitrary shell commands using backtick encapsulation. With default credentials, an attacker can exploit this blind injection vector to execute arbitrary commands. (DoS) It may be in a state. The D-Link DIR-615H1 is a wireless router from D-Link, a Chinese company.
The D-Link DIR-615H1 suffers from a command injection vulnerability caused by insufficient input sanitization in the tools_vct.htm endpoint. This vulnerability could allow an attacker to cause remote code execution
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202508-0048",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dir-615h",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "8.04"
},
{
"model": "dir-615 rev.h1",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dir-615 rev.h1",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "dir-615 rev.h1 firmware 8.04 and earlier"
},
{
"model": "dir-615 rev.h1",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dir-615h1",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "8.04"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18478"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-014640"
},
{
"db": "NVD",
"id": "CVE-2013-10059"
}
]
},
"cve": "CVE-2013-10059",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.4,
"id": "CNVD-2025-18478",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2013-10059",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2013-10059",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-10059",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "disclosure@vulncheck.com",
"id": "CVE-2013-10059",
"trust": 1.0,
"value": "High"
},
{
"author": "NVD",
"id": "CVE-2013-10059",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-18478",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18478"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-014640"
},
{
"db": "NVD",
"id": "CVE-2013-10059"
},
{
"db": "NVD",
"id": "CVE-2013-10059"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1\u00a0running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sanitize input passed from the ping_ipaddr parameter to the tools_vct.htm diagnostic interface, allowing attackers to inject arbitrary shell commands using backtick encapsulation. With default credentials, an attacker can exploit this blind injection vector to execute arbitrary commands. (DoS) It may be in a state. The D-Link DIR-615H1 is a wireless router from D-Link, a Chinese company. \n\nThe D-Link DIR-615H1 suffers from a command injection vulnerability caused by insufficient input sanitization in the tools_vct.htm endpoint. This vulnerability could allow an attacker to cause remote code execution",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-10059"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-014640"
},
{
"db": "CNVD",
"id": "CNVD-2025-18478"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-10059",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "24477",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "25609",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2025-014640",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-18478",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18478"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-014640"
},
{
"db": "NVD",
"id": "CVE-2013-10059"
}
]
},
"id": "VAR-202508-0048",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18478"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18478"
}
]
},
"last_update_date": "2025-10-02T23:30:44.378000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-014640"
},
{
"db": "NVD",
"id": "CVE-2013-10059"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/dlink_dir615_up_exec.rb"
},
{
"trust": 1.8,
"url": "https://web.archive.org/web/20150921102603/http://www.s3cur1ty.de/m1adv2013-008"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/24477"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/25609"
},
{
"trust": 1.8,
"url": "https://www.vulncheck.com/advisories/d-link-legacy-os-command-injection"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-10059"
},
{
"trust": 0.6,
"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18478"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-014640"
},
{
"db": "NVD",
"id": "CVE-2013-10059"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-18478"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-014640"
},
{
"db": "NVD",
"id": "CVE-2013-10059"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-08-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-18478"
},
{
"date": "2025-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-014640"
},
{
"date": "2025-08-01T21:15:28",
"db": "NVD",
"id": "CVE-2013-10059"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-08-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-18478"
},
{
"date": "2025-09-30T01:16:00",
"db": "JVNDB",
"id": "JVNDB-2025-014640"
},
{
"date": "2025-09-23T19:10:54.760000",
"db": "NVD",
"id": "CVE-2013-10059"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link\u00a0Corporation\u00a0 of \u00a0DIR-615\u00a0Rev.H1\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-014640"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…