Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for dsl-2760u_firmware by dlink

    CVE-2013-5223 (GCVE-0-2013-5223)

    Vulnerability from nvd – Published: 2013-11-15 20:00 – Updated: 2025-10-22 00:05
    VLAI CISA KEVIntel
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. E1) allow remote authenticated users to inject arbitrary web script or HTML via the (1) ntpServer1 parameter to sntpcfg.cgi, username parameter to (2) ddnsmngr.cmd or (3) todmngr.tod, (4) TodUrlAdd parameter to urlfilter.cmd, (5) appName parameter to scprttrg.cmd, (6) fltName in an add action or (7) rmLst parameter in a remove action to scoutflt.cmd, (8) groupName parameter to portmapcfg.cmd, (9) snmpRoCommunity parameter to snmpconfig.cgi, (10) fltName parameter to scinflt.cmd, (11) PolicyName in an add action or (12) rmLst parameter in a remove action to prmngr.cmd, (13) ippName parameter to ippcfg.cmd, (14) smbNetBiosName or (15) smbDirName parameter to samba.cgi, or (16) wlSsid parameter to wlcfg.wl.
    SSVC
    Exploitation: active Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    URL Tags
    http://osvdb.org/99611 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99609 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/99605 vdb-entryx_refsource_OSVDB
    http://securityadvisories.dlink.com/security/publ… x_refsource_CONFIRM
    http://osvdb.org/99607 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99608 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99606 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99610 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99604 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99615 vdb-entryx_refsource_OSVDB
    http://seclists.org/fulldisclosure/2013/Nov/76 mailing-listx_refsource_FULLDISC
    http://osvdb.org/99603 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99612 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99616 vdb-entryx_refsource_OSVDB
    http://packetstormsecurity.com/files/123976 x_refsource_MISC
    http://osvdb.org/99613 vdb-entryx_refsource_OSVDB
    https://www.cisa.gov/known-exploited-vulnerabilit… government-resource
    Date Public
    2013-11-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:06:52.383Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "99611",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99611"
              },
              {
                "name": "99609",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99609"
              },
              {
                "name": "dlink-cve20135223-xss(88723)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88723"
              },
              {
                "name": "dlink-cve20135223-multiple-xss(88724)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88724"
              },
              {
                "name": "99605",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99605"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10002"
              },
              {
                "name": "99607",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99607"
              },
              {
                "name": "99608",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99608"
              },
              {
                "name": "99606",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99606"
              },
              {
                "name": "99610",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99610"
              },
              {
                "name": "99604",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99604"
              },
              {
                "name": "99615",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99615"
              },
              {
                "name": "20131110 D-Link Router 2760N (DSL-2760U-BN) Multiple XSS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2013/Nov/76"
              },
              {
                "name": "99603",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99603"
              },
              {
                "name": "99612",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99612"
              },
              {
                "name": "99616",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99616"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123976"
              },
              {
                "name": "99613",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99613"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2013-5223",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-07T14:11:58.190782Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2022-03-25",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-5223"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-22T00:05:39.961Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-5223"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2022-03-25T00:00:00.000Z",
                "value": "CVE-2013-5223 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-11-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. E1) allow remote authenticated users to inject arbitrary web script or HTML via the (1) ntpServer1 parameter to sntpcfg.cgi, username parameter to (2) ddnsmngr.cmd or (3) todmngr.tod, (4) TodUrlAdd parameter to urlfilter.cmd, (5) appName parameter to scprttrg.cmd, (6) fltName in an add action or (7) rmLst parameter in a remove action to scoutflt.cmd, (8) groupName parameter to portmapcfg.cmd, (9) snmpRoCommunity parameter to snmpconfig.cgi, (10) fltName parameter to scinflt.cmd, (11) PolicyName in an add action or (12) rmLst parameter in a remove action to prmngr.cmd, (13) ippName parameter to ippcfg.cmd, (14) smbNetBiosName or (15) smbDirName parameter to samba.cgi, or (16) wlSsid parameter to wlcfg.wl."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "99611",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99611"
            },
            {
              "name": "99609",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99609"
            },
            {
              "name": "dlink-cve20135223-xss(88723)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88723"
            },
            {
              "name": "dlink-cve20135223-multiple-xss(88724)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88724"
            },
            {
              "name": "99605",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99605"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10002"
            },
            {
              "name": "99607",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99607"
            },
            {
              "name": "99608",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99608"
            },
            {
              "name": "99606",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99606"
            },
            {
              "name": "99610",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99610"
            },
            {
              "name": "99604",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99604"
            },
            {
              "name": "99615",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99615"
            },
            {
              "name": "20131110 D-Link Router 2760N (DSL-2760U-BN) Multiple XSS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2013/Nov/76"
            },
            {
              "name": "99603",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99603"
            },
            {
              "name": "99612",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99612"
            },
            {
              "name": "99616",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99616"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123976"
            },
            {
              "name": "99613",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99613"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5223",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. E1) allow remote authenticated users to inject arbitrary web script or HTML via the (1) ntpServer1 parameter to sntpcfg.cgi, username parameter to (2) ddnsmngr.cmd or (3) todmngr.tod, (4) TodUrlAdd parameter to urlfilter.cmd, (5) appName parameter to scprttrg.cmd, (6) fltName in an add action or (7) rmLst parameter in a remove action to scoutflt.cmd, (8) groupName parameter to portmapcfg.cmd, (9) snmpRoCommunity parameter to snmpconfig.cgi, (10) fltName parameter to scinflt.cmd, (11) PolicyName in an add action or (12) rmLst parameter in a remove action to prmngr.cmd, (13) ippName parameter to ippcfg.cmd, (14) smbNetBiosName or (15) smbDirName parameter to samba.cgi, or (16) wlSsid parameter to wlcfg.wl."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "99611",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99611"
                },
                {
                  "name": "99609",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99609"
                },
                {
                  "name": "dlink-cve20135223-xss(88723)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88723"
                },
                {
                  "name": "dlink-cve20135223-multiple-xss(88724)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88724"
                },
                {
                  "name": "99605",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99605"
                },
                {
                  "name": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10002",
                  "refsource": "CONFIRM",
                  "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10002"
                },
                {
                  "name": "99607",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99607"
                },
                {
                  "name": "99608",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99608"
                },
                {
                  "name": "99606",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99606"
                },
                {
                  "name": "99610",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99610"
                },
                {
                  "name": "99604",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99604"
                },
                {
                  "name": "99615",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99615"
                },
                {
                  "name": "20131110 D-Link Router 2760N (DSL-2760U-BN) Multiple XSS",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2013/Nov/76"
                },
                {
                  "name": "99603",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99603"
                },
                {
                  "name": "99612",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99612"
                },
                {
                  "name": "99616",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99616"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123976",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123976"
                },
                {
                  "name": "99613",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99613"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5223",
        "datePublished": "2013-11-15T20:00:00.000Z",
        "dateReserved": "2013-08-15T00:00:00.000Z",
        "dateUpdated": "2025-10-22T00:05:39.961Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5223 (GCVE-0-2013-5223)

    Vulnerability from cvelistv5 – Published: 2013-11-15 20:00 – Updated: 2025-10-22 00:05
    VLAI CISA KEVIntel
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. E1) allow remote authenticated users to inject arbitrary web script or HTML via the (1) ntpServer1 parameter to sntpcfg.cgi, username parameter to (2) ddnsmngr.cmd or (3) todmngr.tod, (4) TodUrlAdd parameter to urlfilter.cmd, (5) appName parameter to scprttrg.cmd, (6) fltName in an add action or (7) rmLst parameter in a remove action to scoutflt.cmd, (8) groupName parameter to portmapcfg.cmd, (9) snmpRoCommunity parameter to snmpconfig.cgi, (10) fltName parameter to scinflt.cmd, (11) PolicyName in an add action or (12) rmLst parameter in a remove action to prmngr.cmd, (13) ippName parameter to ippcfg.cmd, (14) smbNetBiosName or (15) smbDirName parameter to samba.cgi, or (16) wlSsid parameter to wlcfg.wl.
    SSVC
    Exploitation: active Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    URL Tags
    http://osvdb.org/99611 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99609 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/99605 vdb-entryx_refsource_OSVDB
    http://securityadvisories.dlink.com/security/publ… x_refsource_CONFIRM
    http://osvdb.org/99607 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99608 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99606 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99610 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99604 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99615 vdb-entryx_refsource_OSVDB
    http://seclists.org/fulldisclosure/2013/Nov/76 mailing-listx_refsource_FULLDISC
    http://osvdb.org/99603 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99612 vdb-entryx_refsource_OSVDB
    http://osvdb.org/99616 vdb-entryx_refsource_OSVDB
    http://packetstormsecurity.com/files/123976 x_refsource_MISC
    http://osvdb.org/99613 vdb-entryx_refsource_OSVDB
    https://www.cisa.gov/known-exploited-vulnerabilit… government-resource
    Date Public
    2013-11-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:06:52.383Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "99611",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99611"
              },
              {
                "name": "99609",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99609"
              },
              {
                "name": "dlink-cve20135223-xss(88723)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88723"
              },
              {
                "name": "dlink-cve20135223-multiple-xss(88724)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88724"
              },
              {
                "name": "99605",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99605"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10002"
              },
              {
                "name": "99607",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99607"
              },
              {
                "name": "99608",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99608"
              },
              {
                "name": "99606",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99606"
              },
              {
                "name": "99610",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99610"
              },
              {
                "name": "99604",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99604"
              },
              {
                "name": "99615",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99615"
              },
              {
                "name": "20131110 D-Link Router 2760N (DSL-2760U-BN) Multiple XSS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2013/Nov/76"
              },
              {
                "name": "99603",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99603"
              },
              {
                "name": "99612",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99612"
              },
              {
                "name": "99616",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99616"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123976"
              },
              {
                "name": "99613",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/99613"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2013-5223",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-07T14:11:58.190782Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2022-03-25",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-5223"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-22T00:05:39.961Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-5223"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2022-03-25T00:00:00.000Z",
                "value": "CVE-2013-5223 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-11-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. E1) allow remote authenticated users to inject arbitrary web script or HTML via the (1) ntpServer1 parameter to sntpcfg.cgi, username parameter to (2) ddnsmngr.cmd or (3) todmngr.tod, (4) TodUrlAdd parameter to urlfilter.cmd, (5) appName parameter to scprttrg.cmd, (6) fltName in an add action or (7) rmLst parameter in a remove action to scoutflt.cmd, (8) groupName parameter to portmapcfg.cmd, (9) snmpRoCommunity parameter to snmpconfig.cgi, (10) fltName parameter to scinflt.cmd, (11) PolicyName in an add action or (12) rmLst parameter in a remove action to prmngr.cmd, (13) ippName parameter to ippcfg.cmd, (14) smbNetBiosName or (15) smbDirName parameter to samba.cgi, or (16) wlSsid parameter to wlcfg.wl."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "99611",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99611"
            },
            {
              "name": "99609",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99609"
            },
            {
              "name": "dlink-cve20135223-xss(88723)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88723"
            },
            {
              "name": "dlink-cve20135223-multiple-xss(88724)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88724"
            },
            {
              "name": "99605",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99605"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10002"
            },
            {
              "name": "99607",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99607"
            },
            {
              "name": "99608",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99608"
            },
            {
              "name": "99606",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99606"
            },
            {
              "name": "99610",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99610"
            },
            {
              "name": "99604",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99604"
            },
            {
              "name": "99615",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99615"
            },
            {
              "name": "20131110 D-Link Router 2760N (DSL-2760U-BN) Multiple XSS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2013/Nov/76"
            },
            {
              "name": "99603",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99603"
            },
            {
              "name": "99612",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99612"
            },
            {
              "name": "99616",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99616"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123976"
            },
            {
              "name": "99613",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/99613"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5223",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. E1) allow remote authenticated users to inject arbitrary web script or HTML via the (1) ntpServer1 parameter to sntpcfg.cgi, username parameter to (2) ddnsmngr.cmd or (3) todmngr.tod, (4) TodUrlAdd parameter to urlfilter.cmd, (5) appName parameter to scprttrg.cmd, (6) fltName in an add action or (7) rmLst parameter in a remove action to scoutflt.cmd, (8) groupName parameter to portmapcfg.cmd, (9) snmpRoCommunity parameter to snmpconfig.cgi, (10) fltName parameter to scinflt.cmd, (11) PolicyName in an add action or (12) rmLst parameter in a remove action to prmngr.cmd, (13) ippName parameter to ippcfg.cmd, (14) smbNetBiosName or (15) smbDirName parameter to samba.cgi, or (16) wlSsid parameter to wlcfg.wl."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "99611",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99611"
                },
                {
                  "name": "99609",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99609"
                },
                {
                  "name": "dlink-cve20135223-xss(88723)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88723"
                },
                {
                  "name": "dlink-cve20135223-multiple-xss(88724)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88724"
                },
                {
                  "name": "99605",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99605"
                },
                {
                  "name": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10002",
                  "refsource": "CONFIRM",
                  "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10002"
                },
                {
                  "name": "99607",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99607"
                },
                {
                  "name": "99608",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99608"
                },
                {
                  "name": "99606",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99606"
                },
                {
                  "name": "99610",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99610"
                },
                {
                  "name": "99604",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99604"
                },
                {
                  "name": "99615",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99615"
                },
                {
                  "name": "20131110 D-Link Router 2760N (DSL-2760U-BN) Multiple XSS",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2013/Nov/76"
                },
                {
                  "name": "99603",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99603"
                },
                {
                  "name": "99612",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99612"
                },
                {
                  "name": "99616",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99616"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123976",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123976"
                },
                {
                  "name": "99613",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/99613"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5223",
        "datePublished": "2013-11-15T20:00:00.000Z",
        "dateReserved": "2013-08-15T00:00:00.000Z",
        "dateUpdated": "2025-10-22T00:05:39.961Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }