ID
VAR-201912-1750
CVE
CVE-2018-7859
TITLE
D-Link DGS-1510 Cross-site scripting vulnerability in series switch firmware
Trust: 0.8
sources:
JVNDB: JVNDB-2018-016173
DESCRIPTION
A security vulnerability in D-Link DGS-1510-series switches with firmware 1.20.011, 1.30.007, 1.31.B003 and older that may allow a remote attacker to inject malicious scripts in the device and execute commands via browser that is configuring the unit. D-Link DGS-1510 A cross-site scripting vulnerability exists in the firmware of the series switch.Information may be obtained and information may be altered. D-Link DGS-1510 is a DGS-1510 series switch of D-Link Corporation of China. There are security vulnerabilities in D-Link DGS-1510 using firmware 1.20.011, 1.30.007, and 1.31.B003 and earlier firmware
Trust: 2.25
sources:
NVD: CVE-2018-7859 //
JVNDB: JVNDB-2018-016173 //
CNVD: CNVD-2020-03557 //
VULMON: CVE-2018-7859
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2020-03557
AFFECTED PRODUCTS
| vendor: | dlink | model: | dgs-1510-28 | scope: | eq | version: | 1.20.011 | Trust: 1.6 |
| vendor: | dlink | model: | dgs-1510-20 | scope: | eq | version: | 1.20.011 | Trust: 1.6 |
| vendor: | dlink | model: | dgs-1510-20 | scope: | eq | version: | 1.30.007 | Trust: 1.6 |
| vendor: | dlink | model: | dgs-1510-28 | scope: | eq | version: | 1.30.007 | Trust: 1.6 |
| vendor: | dlink | model: | dgs-1510-20 | scope: | eq | version: | - | Trust: 1.2 |
| vendor: | dlink | model: | dgs-1510-52x | scope: | eq | version: | 1.30.007 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-28xmp | scope: | lte | version: | 1.31.b003 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-52xmp | scope: | eq | version: | 1.30.007 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-52xmp | scope: | eq | version: | 1.20.011 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-28p | scope: | lte | version: | 1.31.b003 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-28 | scope: | lte | version: | 1.31.b003 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-52x | scope: | lte | version: | 1.31.b003 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-52 | scope: | eq | version: | 1.30.007 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-52xmp | scope: | lte | version: | 1.31.b003 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-52 | scope: | eq | version: | 1.20.011 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-52 | scope: | lte | version: | 1.31.b003 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-28xmp | scope: | eq | version: | 1.30.007 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-28xmp | scope: | eq | version: | 1.20.011 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-28x | scope: | eq | version: | 1.20.011 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-20 | scope: | lte | version: | 1.31.b003 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-28x | scope: | eq | version: | 1.30.007 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-28x | scope: | lte | version: | 1.31.b003 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-28p | scope: | eq | version: | 1.30.007 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-28p | scope: | eq | version: | 1.20.011 | Trust: 1.0 |
| vendor: | dlink | model: | dgs-1510-52x | scope: | eq | version: | 1.20.011 | Trust: 1.0 |
| vendor: | d link | model: | dgs-1510-20 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dgs-1510-28 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dgs-1510-28p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dgs-1510-28x | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dgs-1510-28xmp | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dgs-1510-52 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dgs-1510-52x | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dgs-1510-52xmp | scope: | - | version: | - | Trust: 0.8 |
| vendor: | dlink | model: | d-link dgs-1510 | scope: | eq | version: | 1.20.011 | Trust: 0.6 |
| vendor: | dlink | model: | d-link dgs-1510 | scope: | eq | version: | 1.30.007 | Trust: 0.6 |
| vendor: | dlink | model: | d-link dgs-1510 <=1.31.b003 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | dlink | model: | dgs-1510-28 | scope: | eq | version: | - | Trust: 0.6 |
| vendor: | dlink | model: | dgs-1510-20 | scope: | eq | version: | 1.31.b003 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-03557 //
JVNDB: JVNDB-2018-016173 //
CNNVD: CNNVD-201912-1243 //
NVD: CVE-2018-7859
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2020-03557 //
VULMON: CVE-2018-7859 //
JVNDB: JVNDB-2018-016173 //
NVD: CVE-2018-7859
PROBLEMTYPE DATA
| problemtype: | CWE-79 | Trust: 1.8 |
sources:
JVNDB: JVNDB-2018-016173 //
NVD: CVE-2018-7859
TYPE
other
Trust: 0.6
sources:
CNNVD: CNNVD-201912-1243
CONFIGURATIONS
sources:
JVNDB: JVNDB-2018-016173
PATCH
| title: | SAP10082 | url: | https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10082 | Trust: 0.8 |
| title: | Patch for D-Link DGS-1510 Command Injection Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/198817 | Trust: 0.6 |
| title: | D-Link DGS-1510 Fixes for cross-site scripting vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=106441 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-03557 //
JVNDB: JVNDB-2018-016173 //
CNNVD: CNNVD-201912-1243
EXTERNAL IDS
| db: | NVD | id: | CVE-2018-7859 | Trust: 3.1 |
| db: | DLINK | id: | SAP10082 | Trust: 1.7 |
| db: | JVNDB | id: | JVNDB-2018-016173 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2020-03557 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201912-1243 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2018-7859 | Trust: 0.1 |
sources:
CNVD: CNVD-2020-03557 //
VULMON: CVE-2018-7859 //
JVNDB: JVNDB-2018-016173 //
CNNVD: CNNVD-201912-1243 //
NVD: CVE-2018-7859
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2018-7859 | Trust: 2.0 |
| url: | http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10082 | Trust: 1.7 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7859 | Trust: 0.8 |
| url: | https://cwe.mitre.org/data/definitions/79.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
CNVD: CNVD-2020-03557 //
VULMON: CVE-2018-7859 //
JVNDB: JVNDB-2018-016173 //
CNNVD: CNNVD-201912-1243 //
NVD: CVE-2018-7859
SOURCES
| db: | CNVD | id: | CNVD-2020-03557 |
| db: | VULMON | id: | CVE-2018-7859 |
| db: | JVNDB | id: | JVNDB-2018-016173 |
| db: | CNNVD | id: | CNNVD-201912-1243 |
| db: | NVD | id: | CVE-2018-7859 |
LAST UPDATE DATE
2024-11-23T23:11:36.036000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2020-03557 | date: | 2020-02-04T00:00:00 |
| db: | VULMON | id: | CVE-2018-7859 | date: | 2020-01-06T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-016173 | date: | 2020-01-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201912-1243 | date: | 2019-12-31T00:00:00 |
| db: | NVD | id: | CVE-2018-7859 | date: | 2024-11-21T04:12:53.650 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2020-03557 | date: | 2020-02-04T00:00:00 |
| db: | VULMON | id: | CVE-2018-7859 | date: | 2019-12-30T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-016173 | date: | 2020-01-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201912-1243 | date: | 2019-12-30T00:00:00 |
| db: | NVD | id: | CVE-2018-7859 | date: | 2019-12-30T20:15:12.107 |