Intrusion Prevention

DHCP.Discover.Hostname.XSS

Description

This indicates a possible exploit of a cross-site scripting vulnerability in D-Link SOHO router.
The vulnerability is due to the firmware's inability to properly validate user-supplied input. A remote attacker may exploit this to execute arbitrary code.

Affected Products

D-Link Dl-704 2.60 b2
D-Link Dl-704 2.56 b6
D-Link Dl-704 2.56 b5
D-Link DI-624 SOHO Router 1.28
D-Link DI-614+ 2.18
D-Link DI-614+ 2.10
D-Link DI-614+ 2.0 f
D-Link DI-614+ 2.0 3g
D-Link DI-614+ 2.0 3
D-Link DI-614+ 2.0

Impact

The execution of arbitrary script or HTML on the system.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2004-0615