CVE-2026-2151 | D-Link DIR-615 4.10 DMZ Host Feature adv_firewall.php dmz_ipaddr os command injection

Inserito da Angelo Barbosa | Feb 7, 2026 | CVE

A vulnerability was found in D-Link DIR-615 4.10 and classified as critical. This affects an unknown part of the file adv_firewall.php of the component DMZ Host Feature. Such manipulation of the argument dmz_ipaddr leads to os command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is uniquely identified as CVE-2026-2151. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-2151 | D-Link DIR-615 4.10 DMZ Host Feature adv_firewall.php dmz_ipaddr os command injection

Post correlati

CVE-2024-10395 | zephyrproject-rtos Zephyr up to 3.7 http_server_get_content_type_from_extension buffer under-read (GHSA-hfww-j92m-x8fv)

CVE-2026-24622 | Sergiy Dzysyak Suggestion Toolkit Plugin up to 5.0 on WordPress authorization

CVE-2024-13191 | ZeroWdd myblog 1.0 uploadController.java upload file unrestricted upload

CVE-2024-36477 | Linux Kernel up to 6.6.32/6.9.3 tpm_tis_spi out-of-bounds (1547183852dc/de13c56f9947/195aba96b854)