CVE-2018-6212

On D-Link DIR-620 devices with a certain customized by ISP variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting XSS attack is possible as a result of missed filtration for special characters in the "Search" field and incorrect processing of t...

CVE-2018-6213

In the web server on D-Link DIR-620 devices with a certain customized by ISP variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account...

D-Link DIR-620 Router Cross Site Scripting Vulnerability

D-link DIR-620 is a wireless router product from AUO D-Link. A cross-site scripting vulnerability exists in the D-Link DIR-620 due to the program failing to filter for special characters in the 'Search' field and failing to properly handle XMLHttpRequest objects. A remote attacker can use this...

PT-2018-3887 · D Link · Dir-620

Name of the Vulnerable Software and Affected Versions: D-Link DIR-620 devices with customized firmware versions 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22 Description: The issue is related to a hardcoded password for the admin account, specifically set to anonymous. This could allow a...