cbcvebase.
CVE-2018-15875
published 2018-08-25

CVE-2018-15875: Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows attackers to inject JavaScript into the router's admin UPnP page via the…

medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows attackers to inject JavaScript into the router's admin UPnP page via the description field in an AddPortMapping UPnP SOAP request.

Affected

1 ranges
VendorProductVersion rangeFixed in
dlinkdir-615_firmware