Cross-Site Scripting Vulnerability in D-Link DAP-1360 Router
CVE-2014-10028

Currently unrated

Key Information:

Vendor: D-Link
Status: Dap-1360 Firmware
Vendor: CVE Published:; 13 January 2015

Summary

A cross-site scripting vulnerability exists in the D-Link DAP-1360 router, allowing remote attackers to execute arbitrary scripts or HTML by manipulating the res_buf parameter in the index.cgi file when the res_config_id is configured to 41. This can potentially lead to unauthorized access and compromise of sensitive information.

References

http://websecurity.com.ua/7215/

x_refsource_MISC

http://seclists.org/fulldisclosure/2014/Nov/100

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 13, 2015