Cross-Site Scripting in D-Link DAP-2253 Access Point
CVE-2013-7321

Currently unrated

Key Information:

Vendor: D-link
Status: Dap 2253 Firmware; Dap 2253
Vendor: CVE Published:; 6 February 2014

Summary

The D-Link DAP-2253 Access Point (Rev. A1) is susceptible to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML through unspecified vectors. This flaw exposes users to potential exploitation by enabling the attacker to execute harmful scripts in the context of the user's session, which could lead to data theft or unauthorized actions performed on behalf of the user. It is crucial for users to update to firmware version 1.30 or later to mitigate this security risk.

References

http://www.securityfocus.com/bid/64297

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/89728

vdb-entryx_refsource_XF

http://secunia.com/advisories/56022

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 6, 2014
Vulnerability Reserved
Feb 6, 2014