On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was found in the form2userconfig.cgi username parameter.
6.1CVSS
6AI Score
0.001EPSS
CSRF exists on D-Link DIR-600M Rev. Cx devices before v3.05ENB01_beta_20170306. This can be used to bypass authentication and insert XSS sequences or possibly have unspecified other impact.
8.8CVSS
9.2AI Score
0.001EPSS