D-link DSL-2640T Cross-Site Scripting Vulnerability

The D-link DSL-2640T is a wireless router from AUO D-Link. A cross-site scripting vulnerability exists in the cgi-bin/webcm page in the D-link DSL-2640T. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the 'var:RelaodHref' or 'var:conid' parameter...

PT-2018-14549 · D Link · Dsl-2640T

Name of the Vulnerable Software and Affected Versions: D-link DSL-2640T routers affected versions not specified Description: A security issue exists in the cgi-bin/webcm component of D-link DSL-2640T routers, where an XSS attack can be performed via the var:RelaodHref or var:conid parameter...