exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Dlink Di-604 Cross Site Scripting / Denial Of Service

Dlink Di-604 Cross Site Scripting / Denial Of Service
Posted Jun 8, 2010
Authored by DcLabs

The Dlink DI-604 router suffers from cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
SHA-256 | d8a9adc8f04827d31b507aacd55cd3368fd7fe145b819b31077f0386f59b1f17

Dlink Di-604 Cross Site Scripting / Denial Of Service

Change Mirror Download
[DCA-0001]
[Dlink Di-604 router authenticated user ping tool Xss and DoS]

[vendor product description]
The DI-604 combines the latest advancements in chip technology,
low-cost design and manufacturing with new, feature-rich firewall and
network management controls to give you quite possibly the most
advanced, yet affordable Ethernet router to date.


[Bug Description]
'Ping tools' web interface does not validate the ip textfield size
leading to a Denial Of Service flaw by changing its size and sending
more than 500 characters to it. This textfield is also prone to Cross
Site Scripting. An authenticated user is required to exploit these
security flaws.


[History]
Adv sent to vendor 05/25/2010
No vendor response
Published 06/08/2010


[Impact]
Low

[Afected Version]
All firmware

[Vendor Reply]


------------------------------------------------------------------------------------------------

[Codes]
No codes are needed



--------------------------------------------
DcLabs - Sponsor: Crash
crash@dclabs.com.br

[Greetz]
Ipax - Alequimico - Gr1nch - Raphx88
------------------------------------
Login or Register to add favorites

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close