CVE-2014-3761
D-Link DAP 1150 Firmware 1.2.94 - Cross-Site Scripting via res_buf Parameter
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in D-Link DAP 1150 with firmware 1.2.94 allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi in the Control/URL-filter section.
References (2)
Core 2
Core References
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Apr/246
Exploit x_refsource_misc
http://websecurity.com.ua/7112
Scores
EPSS
0.0035
EPSS Percentile
57.9%
Details
CWE
CWE-79
Status
published
Products (2)
dlink/dap_1150
dlink/dap_1150_firmware
1.2.94
Published
May 16, 2014
Tracked Since
Feb 18, 2026