ISS X-Force Database: dlink614-dhcp-xss(16468): D-Link AirPlus DI-614+ DHCP cross-site scripting

D-Link AirPlus DI-614+ DHCP cross-site scripting

dlink614-dhcp-xss (16468)

Medium Risk

Description:

The D-Link AirPlus DI-614+ is vulnerable to cross-site scripting, caused by improper filtering of HOSTNAME DHCP options. A remote attacker could send a specially-crafted DHCP request containing malicious code to D-Link 614+ router, which would be executed in the victim's Web browser within the security context of the router, once the DHCP report is viewed by an administrator of the router. An attacker could use this vulnerability to steal a victim's cookie-based authentication credentials, obtain other sensitive information, restart the router or reset to factory setting or launch further attacks against the affected system.

Platforms Affected:

D-Link, AirPlus DI-614+ 2.30
D-Link, DI-624 Revision B 1.28 and prior
D-Link, DI-704p 2.60b2

Remedy:

No remedy available as of June 27, 2009.

Consequences:

Obtain Information

References:

BugTraq Mailing List, Mon Jun 21 2004 - 02:39:18 CDT, DLINK 614+, script injection vulnerability at http://archives.neohapsis.com/archives/bugtraq/2004-06/0327.html.
BugTraq Mailing List, Mon Jun 21 2004 - 03:38:03 CDT, DLINK 704, script injection vulnerability at http://archives.neohapsis.com/archives/bugtraq/2004-06/0373.html.
BugTraq Mailing List, Thu Jul 01 2004 - 05:37:04 CDT, DLINK 624, script injection vulnerability at http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html.
BID-10587: D-Link AirPlus DI-614+, DI-624, DI-704 DHCP Log HTML Injection Vulnerability
CVE-2004-0615: Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.
OSVDB ID: 7211: D-Link SOHO Router DHCP Log XSS
SA11919: D-Link Products DHCP Script Insertion Vulnerability
SECTRACK ID: 1010562: D-Link Router Input Validation Flaw in DHCP HOSTNAME Lets Remote Users Inject Scripting

Reported:

Jun 21, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page