Cross-Site Scripting Vulnerability in D-Link DI-604 Router
CVE-2008-1258

Currently unrated

Key Information:

Vendor: D-link
Status: Di-604
Vendor: CVE Published:; 10 March 2008

What is CVE-2008-1258?

The D-Link DI-604 router contains a cross-site scripting vulnerability in the prim.htm file, which permits remote attackers to inject and execute arbitrary web scripts or HTML through manipulation of the rf parameter. This vulnerability potentially allows attackers to compromise user sessions or redirect users to malicious sites.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/41122

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 10, 2008
Vulnerability Reserved
Mar 10, 2008

D-link

What is CVE-2008-1258?

References

Timeline