CVE-2014-10028
D-Link DAP-1360 Firmware < 2.5.4 - Cross-Site Scripting via res_buf Parameter
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in D-Link DAP-1360 router with firmware 2.5.4 and later allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi when res_config_id is set to 41.
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://websecurity.com.ua/7215/
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Nov/100
Scores
EPSS
0.0048
EPSS Percentile
65.3%
Details
CWE
CWE-79
Status
published
Products (1)
dlink/dap-1360_firmware
< 2.5.4
Published
Jan 13, 2015
Tracked Since
Feb 18, 2026