Vulnerability Details CVE-2023-34856
A Cross Site Scripting (XSS) vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /auth_pic.cgi.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.8%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2023-34856
-
cpe:2.3:h:dlink:di-7500g-ci:-
-
cpe:2.3:o:dlink:di-7500g-ci_firmware:19.05.29a