OpenCVE

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Dlink	R15 R15 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:dlink:r15_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:r15:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10347

History

Thu, 14 Nov 2024 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-01-10T00:00:00

Updated: 2024-11-14T16:29:17.047Z

Reserved: 2023-08-30T00:00:00

Link: CVE-2023-41603

Vulnrichment

Updated: 2024-08-02T19:01:35.268Z

NVD

Status : Modified

Published: 2024-01-10T08:15:37.740

Modified: 2024-11-21T08:21:20.663

Link: CVE-2023-41603

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object