D-Link Forums

Announcements => Security Advisories => Topic started by: GreenBay42 on June 06, 2019, 10:03:03 AM

Title: DIR-600M Rev. C - Command Bypass and XSS security vulnerabilities
Post by: GreenBay42 on June 06, 2019, 10:03:03 AM: Source - https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10115 (https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10115)

In April 30, 2019, D-Link becamea aware of a 3rd Party security researcher that accused the DIR-600M Hardware Rev. Cx of a Authentication bypass and Cross-Site Scripting (XSS) security vulnerabilities in the web-GUI.

Firmware - ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-600M/REVC/DIR-600M_REVC_FIRMWARE_HOTFIX_v3.08B01.zip (ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-600M/REVC/DIR-600M_REVC_FIRMWARE_HOTFIX_v3.08B01.zip)

SMF 2.0.13 | SMF © 2016, Simple Machines