Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.
2004-12-06T05:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 5.1 (MEDIUM)
AV:N/AC:H/Au:N/C:P/I:P/A:P
4.9
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Hardware | d-link | di-614\+ | 2.30 | Yes |
| Hardware | d-link | di-704p | 2.60b2 | Yes |
| Hardware | dlink | di-624 | ≤ 1.28 | Yes |