Vulnerability Details CVE-2021-41445
A reflected cross-site-scripting attack in web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to execute code in the device of the victim via sending a specific URL to the unauthenticated victim.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://d-link.com
- http://dir-x1860.com
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283
- https://www.dlink.com/en/security-bulletin/
- http://d-link.com
- http://dir-x1860.com
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283
- https://www.dlink.com/en/security-bulletin/
Products affected by CVE-2021-41445
-
cpe:2.3:h:dlink:dir-x1860:-
-
cpe:2.3:o:dlink:dir-x1860_firmware:-
-
cpe:2.3:o:dlink:dir-x1860_firmware:1.03