Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-27684

A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750_A1_FW_v101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter.

Published

2024-03-04T14:15:41.587

Last Modified

2025-05-02T19:32:50.587

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dlink	go-rt-ac750_firmware	101b03	Yes
Hardware	dlink	go-rt-ac750	a1	No

References

https://drive.google.com/file/d/1qu4iBQGeAwolTXjVOTXsAAusSHo2ie-Y/view Permissions Required ([email protected])
https://www.dlink.com/en/security-bulletin/ Product ([email protected])
https://drive.google.com/file/d/1qu4iBQGeAwolTXjVOTXsAAusSHo2ie-Y/view Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
https://www.dlink.com/en/security-bulletin/ Product (af854a3a-2127-422b-91ae-364da2661108)