Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5 matches found

OSV
OSVadded 2025/05/18 5:15 a.m.3 views

CVE-2025-4860

A vulnerability classified as problematic has been found in D-Link DAP-2695 120b36r137ALLen20210528. Affected is an unknown function of the file /advdhcps.php of the component Static Pool Settings Page. The manipulation of the argument fmac leads to cross site scripting. It is possible to launch...

4.8CVSS3.8AI score0.00243EPSS
Exploits1References5
Cvelist
Cvelistadded 2025/05/18 5:0 a.m.21 views

CVE-2025-4860 D-Link DAP-2695 Static Pool Settings Page adv_dhcps.php cross site scripting

A vulnerability classified as problematic has been found in D-Link DAP-2695 120b36r137ALLen20210528. Affected is an unknown function of the file /advdhcps.php of the component Static Pool Settings Page. The manipulation of the argument fmac leads to cross site scripting. It is possible to launch...

4.8CVSS0.00243EPSS
Exploits1References5
CVE
CVEadded 2025/05/18 5:0 a.m.41 views

CVE-2025-4860

The CVE-2025-4860 entry concerns D-Link DAP-2695 (Static Pool Settings Page) where an input parameter f_mac in /adv_dhcps.php enables cross-site scripting. Multiple sources confirm a remote exploitation path and that affected devices are no longer maintained by the vendor. Public disclosures exis...

4.8CVSS6.4AI score0.00243EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2025/05/18 5:0 a.m.6 views

CVE-2025-4860 D-Link DAP-2695 Static Pool Settings Page adv_dhcps.php cross site scripting

A vulnerability classified as problematic has been found in D-Link DAP-2695 120b36r137ALLen20210528. Affected is an unknown function of the file /advdhcps.php of the component Static Pool Settings Page. The manipulation of the argument fmac leads to cross site scripting. It is possible to launch...

4.8CVSS3.5AI score0.00243EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2025/05/18 12:0 a.m.3 views

PT-2025-21831 · D Link · D-Link Dap-2695

Name of the Vulnerable Software and Affected Versions: D-Link DAP-2695 version 120b36r137 ALL en 20210528 Description: A vulnerability has been found in the Static Pool Settings Page component, specifically in the /adv dhcps.php file. The manipulation of the f mac argument leads to cross-site...

4.8CVSS3.3AI score0.00243EPSS
Exploits1References11
Rows per page
Query Builder