返回 CVE 浏览器

CVE-2018-15515

HIGH

7.8

CVSS Severity Score

EPSS Score0.0250%

EPSS Percentile17.46th

Published2019年1月31日

Last Modified2024年11月21日

Vulnerability Description

The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from the CaptivelPortal.exe subdirectory under the D-Link directory, which allows unprivileged local users to gain SYSTEM privileges.

Affected Platforms (CPE)

📦

Dlink

Central Wifimanager

= 1.03_r0098

References & Advisories

🔗 http://packetstormsecurity.com/files/150244/D-LINK-Central-WifiManager-CWM-100-1.03-r0098-DLL-Hijacking.html

🔗 http://seclists.org/fulldisclosure/2018/Nov/29

🔗 http://packetstormsecurity.com/files/150244/D-LINK-Central-WifiManager-CWM-100-1.03-r0098-DLL-Hijacking.html

🔗 http://seclists.org/fulldisclosure/2018/Nov/29

相关漏洞威胁

CVE-2018-155178.6

The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP serv...

CVE-2018-155165.8

The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce ...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...