Key Information Summary Vulnerability Name DIR-615 routing command injection Discoverer and Contact Information Discoverer: Jingwei Feng Contact Information: empire258700@gmail.com Affected Versions Affected Versions: D-Link DIR-615 (Rev D) firmware v4.10 and potentially earlier Components Components: Web configuration interface (adv_routing.php) and backend shell script handler (route_run.php). Vulnerability Overview Vulnerability Type: Command injection vulnerability Location: Static Routing configuration logic of the D-Link DIR-615 firmware. Root Cause: The firmware fails to properly sanitize the network parameters provided by the user in the Static Routing settings. When applying the routing rules, the backend PHP script constructs a shell command. By injecting shell metacharacters into any of these fields, an authenticated attacker can execute arbitrary system commands with root privileges. Authentication Authentication Requirement: Access to the vulnerable endpoint adv_routing.php requires a valid administrative session. Default Credentials: User: admin, Password: [blank], enabling attackers to gain access easily. Post-Authentication: Once authenticated, attackers can use the valid session ID to stage malicious routing entries and trigger the execution flow. Detailed Vulnerability Description Entry Point: The vulnerability is triggered via the Advanced -> Routing configuration page.