Key Information Summary

Vulnerability name: DIR-615 routing command injection

Discoverer and contact information
Discoverer: Jingwei Feng
Contact: empire258700@gmail.com

Affected versions
Affected versions: D-Link DIR-615 (Rev D) firmware v4.10 and potentially earlier

Component
Component: Web configuration interface (adv_routing.php) and backend shell script handler (route_run.php).

Vulnerability overview
Vulnerability type: command injection vulnerability
Location: Static Routing configuration logic of the D-Link DIR-615 firmware.
Cause: The firmware fails to properly sanitize the network parameters that the user supplies in the Static Routing settings. When the routing rules are applied, the backend PHP script builds a shell command from those parameters. By injecting shell metacharacters into any of these fields, an authenticated attacker can execute arbitrary system commands with root privileges.

Authentication
Authentication requirement: Access to the vulnerable endpoint adv_routing.php requires a valid administrative session.
Default credentials: User: admin, Password: [blank], enabling attackers to gain access easily.
After authentication: Once authenticated, attackers can use the valid session ID to stage malicious routing entries and trigger the execution flow.

Detailed vulnerability description
Entry point: The vulnerability is triggered via the Advanced -> Routing configuration page.
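The root cause above is user-controlled route fields reaching a shell command unchecked. The following PHP is an added illustration of the validation the handler is missing, not D-Link's code: every field is checked against a strict whitelist (IPv4 syntax, contiguous netmask, numeric metric, a fixed interface map), and only then is the command assembled with escapeshellarg(). The field names, interface map and the `route add` invocation are assumptions.

```php
<?php
// Added example (not firmware code): reject static-route input that is not
// exactly an IPv4 address / contiguous mask / small integer / known interface.
function validate_route_fields(array $in): array {
    $errors = [];
    foreach (['dest', 'mask', 'gateway'] as $f) {
        if (!isset($in[$f]) ||
            filter_var($in[$f], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
            $errors[] = "$f is not a valid IPv4 address";
        }
    }
    // A netmask must be a run of 1-bits followed by 0-bits (e.g. 255.255.255.0).
    if (isset($in['mask']) &&
        filter_var($in['mask'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
        $inv = (~ip2long($in['mask'])) & 0xFFFFFFFF;   // inverted mask = 2^k - 1 if contiguous
        if (($inv & ($inv + 1)) !== 0) {
            $errors[] = 'mask is not contiguous';
        }
    }
    // Metric: plain decimal, 0..9999, no sign, no whitespace, no metacharacters.
    if (!isset($in['metric']) || !preg_match('/^(?:0|[1-9][0-9]{0,3})$/', $in['metric'])) {
        $errors[] = 'metric must be a number between 0 and 9999';
    }
    // Interface comes from a fixed choice list; the user text is never reused.
    if (!isset($in['iface']) || !in_array($in['iface'], ['WAN', 'LAN'], true)) {
        $errors[] = 'iface must be WAN or LAN';
    }
    return $errors;
}

// Build the shell command only from validated values; escapeshellarg() is the
// second line of defence in case the whitelist is later loosened.
function build_route_command(array $in): string {
    $dev = ['WAN' => 'eth1', 'LAN' => 'br0'][$in['iface']];   // assumed device names
    return 'route add -net ' . escapeshellarg($in['dest'])
         . ' netmask '      . escapeshellarg($in['mask'])
         . ' gw '           . escapeshellarg($in['gateway'])
         . ' metric '       . escapeshellarg($in['metric'])
         . ' dev '          . escapeshellarg($dev);
}

// Constructed sample: a gateway field carrying a shell metacharacter is rejected.
$sample = ['dest' => '10.0.0.0', 'mask' => '255.255.255.0',
           'gateway' => '192.168.0.1;id', 'metric' => '1', 'iface' => 'WAN'];
$errors = validate_route_fields($sample);
if ($errors) {
    echo 'rejected: ' . implode('; ', $errors) . "\n";
} else {
    echo build_route_command($sample) . "\n";
}
```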