Exploitation Summary
EIP tracks 1 public exploit for CVE-2004-0615. PoCs published by c3rb3r.
AI-analyzed exploit summary This is a writeup describing an HTML injection vulnerability in D-Link routers (DI-614+, DI-704, DI-624) via crafted DHCP hostnames. The injected HTML can manipulate the administrator's browser to perform unintended actions, such as requesting 'restore.cgi'.
Description
Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.
Exploits (1)
This is a writeup describing an HTML injection vulnerability in D-Link routers (DI-614+, DI-704, DI-624) via crafted DHCP hostnames. The injected HTML can manipulate the administrator's browser to perform unintended actions, such as requesting 'restore.cgi'.