5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
6.1 Medium
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.6%
Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.
CPE | Name | Operator | Version |
---|---|---|---|
d-link:di-614\+ | d-link di-614+ | eq | 2.30 |
d-link:di-704p | d-link di-704p | eq | 2.60b2 |
dlink:di-624 | dlink di-624 | le | 1.28 |