⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2018-15517

CWE-918Server-Side Request Forgery (SSRF)5 documents5 sources
Severity
8.6HIGH
EPSS
76.9%
top 1.04%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
1
Dlink Central Wifimanager
Timeline
PublishedJan 31
Latest updateMay 14

Description

The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:NExploitability: 3.9 | Impact: 4.0

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-hq7j-8qv3-mmrm: The MailConnect feature on D-Link Central WiFiManager CWM-100 12022-05-14
CVEList
CVE-2018-15517: The MailConnect feature on D-Link Central WiFiManager CWM-100 12019-01-31
VulnCheck
D-Link central_wifimanager Server-Side Request Forgery (SSRF)2018

💥Exploits & PoCs

1
Nuclei
D-Link Central WifiManager - Server-Side Request Forgery