CVE-2026-1448 | D-Link DIR-615 up to 4.10 Web Management Interface wiz_policy_3_machine.php ipaddr os command injection

A vulnerability was found in D-Link DIR-615 up to 4.10. It has been classified as critical. This impacts an unknown function of the file /wiz_policy_3_machine.php of the component Web Management Interface. Performing a manipulation of the argument ipaddr results in os command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is cataloged as CVE-2026-1448. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2026-1448 | D-Link DIR-615 up to 4.10 Web Management Interface wiz_policy_3_machine.php ipaddr os command injection

Post correlati

CVE-2024-0172 | Dell PowerEdge Server BIOS/Precision Rack BIOS privileges management (dsa-2024-035)

CVE-2024-12916 | Agito Computer Life4All prior 10.01.2025 sql injection

CVE-2024-13622 | imagisol File Uploads Addon for WooCommerce Plugin up to 1.7.1 on WordPress /wp-content/uploads information disclosure

CVE-2025-66720 | Free5GC 1.4.0 ampolicy.go HandleDeletePoliciesPolAssoId null pointer dereference (Issue 726)