TROYANOSYVIRUS
Back to CVEs

CVE-2014-9517

N/A

Description

Cross-site scripting (XSS) vulnerability in D-link IP camera DCS-2103 with firmware before 1.20 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING to vb.htm.

CVE Details

CVSS v3.1 ScoreN/A
Published1/5/2015
Last Modified4/12/2025
Sourcenvd
Honeypot Sightings0

Affected Products

dlink:dcs-2103dlink:dcs-2103_firmware

Weaknesses (CWE)

CWE-79

References

http://packetstormsecurity.com/files/129609/D-Link-DCS-2103-Brute-Force-Cross-Site-Scripting.html(cve@mitre.org)
http://seclists.org/fulldisclosure/2014/Dec/85(cve@mitre.org)
http://websecurity.com.ua/7288/(cve@mitre.org)
http://packetstormsecurity.com/files/129609/D-Link-DCS-2103-Brute-Force-Cross-Site-Scripting.html(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2014/Dec/85(af854a3a-2127-422b-91ae-364da2661108)
http://websecurity.com.ua/7288/(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.