Vulnerability Details CVE-2014-9518
Cross-site scripting (XSS) vulnerability in login.cgi in D-Link router DIR-655 (rev Bx) with firmware before 2.12b01 allows remote attackers to inject arbitrary web script or HTML via the html_response_page parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.1%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/61831
- http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10048
- http://www.securityfocus.com/bid/71772
- http://secunia.com/advisories/61831
- http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10048
- http://www.securityfocus.com/bid/71772
Products affected by CVE-2014-9518
-
cpe:2.3:h:d-link:dir-655:bx
-
cpe:2.3:o:d-link:dir-655_firmware:*