إرسال #501351: D-Link DIR-816 1.01TO Cross Site Scriptingالمعلومات

عنوانD-Link DIR-816 1.01TO Cross Site Scripting
الوصفIn the 'cgi-bin/webproc' directory within the user account, there is an unrestricted stored Cross-Site Scripting (XSS) vulnerability and injection attacks on the 'SSID' parameter of the "D-Link DIR-816" system. This function executes the user parameter without restrictions. To view the script in action, simply access the 'Setup' directory. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients.
المصدر⚠️ http://x.x.x.x:8080/cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic
المستخدم
 Fergod (UID 55882)
ارسال14/02/2025 06:00 PM (1 سنة منذ)
الاعتدال17/02/2025 11:10 AM (3 days later)
الحالةتمت الموافقة
إدخال VulDB296023 [D-Link DIR-816 1.01TO index.html&var:menu=24gwlan&var:page=24G_basic SSID البرمجة عبر المواقع]
النقاط20

Do you know our Splunk app?

Download it now for free!