exploitDog

CVE-2019-19742

Опубликовано: 18 дек. 2019

Источник: nvd

CVSS3: 4.8

CVSS2: 3.5

EPSS Низкий

Описание

On D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field.

Ссылки

https://infosecsanyam.blogspot.com/2019/12/d-link-dir-615-wireless-router.html
Exploit
Third Party Advisory
https://medium.com/%40infosecsanyam/d-link-dir-615-wireless-router-persistent-cross-site-scripting-6ee00f5c694d
https://pastebin.com/edit/MZV6DNg7
Broken Link
https://www.dlink.com/en/security-bulletin
Vendor Advisory
https://www.exploit-db.com/exploits/47776
Exploit
Third Party Advisory
VDB Entry
https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf
Exploit
Third Party Advisory
US Government Resource
https://infosecsanyam.blogspot.com/2019/12/d-link-dir-615-wireless-router.html
Exploit
Third Party Advisory
https://medium.com/%40infosecsanyam/d-link-dir-615-wireless-router-persistent-cross-site-scripting-6ee00f5c694d
https://pastebin.com/edit/MZV6DNg7
Broken Link
https://www.dlink.com/en/security-bulletin
Vendor Advisory
https://www.exploit-db.com/exploits/47776
Exploit
Third Party Advisory
VDB Entry
https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf
Exploit
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:dlink:dir-615_firmware:20.07:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04588

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-vwj6-25pv-x73p

github

больше 3 лет назад

On D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field.

EPSS

Процентиль: 89%

0.04588

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79