CVE-2026-11497

D-Link DCS-5615 Boa Webserver boa.conf least privilege violation

CVSS 6.9 MEDIUMEPSS 0.4%CWE-266 CWE-272

A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Productos afectados

D-Link · DCS-5615

PoCs públicas encontradas — 1

cve_referencewww.notion.so/D-link-DCS-5615_REV_1-01-00-3670ed14e5cb80e9be78f7d8dbf1e789?source=copy_linkno verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://vuldb.com/cve/CVE-2026-11497 https://vuldb.com/submit/834823 https://vuldb.com/vuln/369117 https://vuldb.com/vuln/369117/cti https://www.dlink.com/https://www.notion.so/D-link-DCS-5615_REV_1-01-00-3670ed14e5cb80e9be78f7d8dbf1e789?source=copy_link