Support Announcements
DIR-615 H/W RevTx (Non-US Model) : CVE-2018-10110 XSS vulnerability

Overview

t has recently been reported that D-Link’s DIR-615 T1 Router could still be vulnerable to Persistent Cross Site Scripting. After prompt investigation by D-Link and an independent 3rd party security company,

 

D-Link hereby re-affirms that the latest firmware released back in May 2017, once downloaded, eliminates the risk of the mentioned vulnerability.

 

The reported issue only applies to legacy firmware versions. To reduce the risk from any new potential security vulnerabilities, we strongly urge users to regularly check D-Link’s Support website to update their devices to the latest firmware.

 

References:

  • packet storm :: link

 

Affected Models

 

DIR-615 Hardware Revision Tx (Non-US Models)**

 

** Due the number of duplicate reports regarding this H/W revision D-Link US (D-Link Systems, Inc.) offers the updated firmware for download on these revsions as a courtesey. No other support is offered and we encourage you to contact your regional office which can be found: http://us.dlink.com/go-country/

 

Corrected Firmware:

 

DIR-615  Revision Tx: http://support.dlink.com/ProductInfo.aspx?m=DIR-615

 

Security patch for your D-Link Devices
 
These firmware updates address the security vulnerabilities in affected D-Link devices. D-Link will update this continually and we strongly recommend all users to install the relevant updates.
 
As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product next to the serial number. Alternatively, they can also be found on the device web configuration.