Cross-Site Scripting Vulnerability in D-Link DIR-600M Devices
CVE-2018-16605
5.4MEDIUM
What is CVE-2018-16605?
The D-Link DIR-600M devices exhibit a Cross-Site Scripting (XSS) vulnerability, which can be exploited through the Hostname and Username fields in the Dynamic DNS Configuration page. This flaw allows an attacker to inject malicious scripts into web pages viewed by users, compromising their session data and potentially leading to unauthorized actions within the affected device.