D-Link DCS-5615 Boa Webserver boa.conf least privilege violation_CVE-2026-11497

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2026-11497

Source VulDB

Published Jun 8, 2026 at 06:30

Affected Product

Vendor D-Link

Product DCS-5615

Version 1.01.00

Affected Versions D-Link DCS-5615 1.01.00

CWE Classification

CWE-272 CWE-266

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2026-06-08T06:30:10.399Z",
    "modified": "2026-06-08T06:30:10.399Z",
    "type": "cve",
    "title": "D-Link DCS-5615 Boa Webserver boa.conf least privilege violation",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/369117\nhttps://vuldb.com/vuln/369117/cti\nhttps://vuldb.com/cve/CVE-2026-11497\nhttps://vuldb.com/submit/834823\nhttps://www.notion.so/D-link-DCS-5615_REV_1-01-00-3670ed14e5cb80e9be78f7d8dbf1e789?source=copy_link\nhttps://www.dlink.com/",
    "id": "CVE-2026-11497",
    "bulletinFamily": "",
    "cwe": [
        "CWE-272",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "D-Link DCS-5615 1.01.00",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DCS-5615",
    "version": "1.01.00",
    "vendor": "D-Link",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}