Published: 06/12/2004 Updated: 26/04/2023

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 515

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote malicious users to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
d-link di-704p 2.60b2
d-link di-614\\+ 2.30
dlink di-624

source: wwwsecurityfocuscom/bid/10587/info It is reported that the DI-614+, DI-704, and the DI-624 are susceptible to an HTML injection vulnerability in their DHCP log An attacker who has access to the wireless, or internal network segments of the router can craft malicious DHCP hostnames, that when sent to the router, will be logged fo ...

NVD-CWE-Other http://securitytracker.com/id?1010562 http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html http://www.securityfocus.com/bid/10587 http://www.osvdb.org/7211 http://secunia.com/advisories/11919 http://marc.info/?l=bugtraq&m=108797273127182&w=2 http://marc.info/?l=bugtraq&m=108786257609932&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/16468 https://nvd.nist.gov https://www.exploit-db.com/exploits/24226/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-0615

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect