Описание
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:dlink:6600-ap_firmware:4.2.0.14:*:*:*:*:*:*:*
cpe:2.3:h:dlink:6600-ap:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:dlink:dwl-3600ap_firmware:4.2.0.14:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwl-3600ap:-:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.0069
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface.
EPSS
Процентиль: 71%
0.0069
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79