CVE-2026-2152 | D-Link DIR-615 4.10 Web Configuration Interface adv_routing.php dest_ip/ submask/ gw os command injection

A vulnerability was found in D-Link DIR-615 4.10. It has been classified as critical. This vulnerability affects unknown code of the file adv_routing.php of the component Web Configuration Interface. Performing a manipulation of the argument dest_ip/ submask/ gw results in os command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability was named CVE-2026-2152. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2026-2152 | D-Link DIR-615 4.10 Web Configuration Interface adv_routing.php dest_ip/ submask/ gw os command injection

Post correlati

CVE-2023-51517 | CodePeople Calculated Fields Form Plugin up to 1.2.28 on WordPress redirect

CVE-2024-52327 | ECOVACS Robot Lawn Mower/Robot Vacuum Home/Cloud Service client-side authentication

CVE-2025-49797 | Brother Industries/Toshiba Tec Driver Installer on Windows file access

CVE-2023-7020 | Tongda OA 2017 up to 11.9 view.php TEMP_ID sql injection