2 matches found
CVE-2018-8062
A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...
CVE-2024-57677
An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...