ID
VAR-200902-0719
TITLE
D-Link DIR-300 Cross Site Scripting and Security Bypass Vulnerabilities
Trust: 0.3
sources:
BID: 33556
DESCRIPTION
D-Link DIR-300 is prone to a cross-site scripting vulnerability and a security-bypass vulnerability. An attacker may exploit these issues to bypass authentication or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. The issues affect D-Link DIR-300 with firmware 1.04-tomi-1.1.2.
Trust: 0.3
sources:
BID: 33556
AFFECTED PRODUCTS
| vendor: | d link | model: | dir-300 | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 33556
THREAT TYPE
network
Trust: 0.3
sources:
BID: 33556
TYPE
Design Error
Trust: 0.3
sources:
BID: 33556
EXTERNAL IDS
| db: | BID | id: | 33556 | Trust: 0.3 |
sources:
BID: 33556
REFERENCES
| url: | http://www.d-link.com/ | Trust: 0.3 |
sources:
BID: 33556
CREDITS
Muhaimin Dzulfakar
Trust: 0.3
sources:
BID: 33556
SOURCES
| db: | BID | id: | 33556 |
LAST UPDATE DATE
2022-05-17T02:02:50.225000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 33556 | date: | 2009-02-03T16:09:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 33556 | date: | 2009-02-02T00:00:00 |