Lucene search

K
cveMitreCVE-2004-0615
HistoryDec 06, 2004 - 5:00 a.m.

CVE-2004-0615

2004-12-0605:00:00
mitre
web.nvd.nist.gov
33
cve-2004-0615
cross-site scripting
xss
d-link
di-614+
di-704
di-624
soho router
firmware
dhcp
nvd

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.1

Confidence

High

EPSS

0.016

Percentile

87.6%

Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.

Affected configurations

Nvd
Node
d-linkdi-614\+Match2.30
OR
d-linkdi-704pMatch2.60b2
OR
dlinkdi-624Range1.28
VendorProductVersionCPE
d-linkdi-614\+2.30cpe:2.3:h:d-link:di-614\+:2.30:*:*:*:*:*:*:*
d-linkdi-704p2.60b2cpe:2.3:h:d-link:di-704p:2.60b2:*:*:*:*:*:*:*
dlinkdi-624*cpe:2.3:h:dlink:di-624:*:*:*:*:*:*:*:*

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.1

Confidence

High

EPSS

0.016

Percentile

87.6%

Related for CVE-2004-0615