Lucene search

CVE-2018-6936

🗓️ 21 Feb 2018 22:00:29Reported by mitreType

cve🔗 web.nvd.nist.gov👁 54 Views🌐 WEB

XSS on D-Link DIR-600M C1 3.01 via SSID or user account

Reporter	Title	Published	Views	Family All 7
Prion	Cross site scripting	21 Feb 201822:29	–	prion
exploitpack	D-Link DIR-600M Wireless - Cross-Site Scripting	2 Mar 201800:00	–	exploitpack
NVD	CVE-2018-6936	21 Feb 201822:29	–	nvd
Exploit DB	D-Link DIR-600M Wireless - Cross-Site Scripting	2 Mar 201800:00	–	exploitdb
Packet Storm	D-Link DIR-600M Wireless Cross Site Scripting	2 Mar 201800:00	–	packetstorm
Cvelist	CVE-2018-6936	21 Feb 201822:00	–	cvelist
0day.today	D-Link DIR-600M Wireless - Cross-Site Scripting Vulnerability	2 Mar 201800:00	–	zdt

Nvd

Node

d-link dir-600m_c1_firmwareMatch3.01

AND

dlink dir-600m_c1Match-

Source	Link
0day4u	www.0day4u.wordpress.com/2018/02/21/d-link-dir-600m-wireless-stored-xss/
exploit-db	www.exploit-db.com/exploits/44219/

Parameter	Position	Path	Description	CWE
user account name	nested	/admin	Persistent XSS via user account name or SSID manipulation on D-Link DIR-600M.	CWE-79
SSID name	nested	/ssid	Persistent XSS via SSID name manipulation on D-Link DIR-600M.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Feb 2018 22:29Current

5.2Medium risk

Vulners AI Score5.2

CVSS23.5

CVSS35.4

EPSS0.0011

CWE-79