Vulnerability-Lookup

CVE-2004-0615 (GCVE-0-2004-0615)

Vulnerability from cvelistv5 – Published: 2004-06-30 04:00 – Updated: 2024-08-08 00:24

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/10587	vdb-entryx_refsource_BID
	http://secunia.com/advisories/11919	third-party-advisoryx_refsource_SECUNIA
	http://www.osvdb.org/7211	vdb-entryx_refsource_OSVDB
	http://marc.info/?l=bugtraq&m=108786257609932&w=2	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://marc.info/?l=bugtraq&m=108797273127182&w=2	mailing-listx_refsource_BUGTRAQ
	http://archives.neohapsis.com/archives/bugtraq/20…	mailing-listx_refsource_BUGTRAQ
	http://securitytracker.com/id?1010562	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:24:26.741Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10587",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10587"
          },
          {
            "name": "11919",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11919"
          },
          {
            "name": "7211",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/7211"
          },
          {
            "name": "20040621 DLINK 614+, script injection vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
          },
          {
            "name": "dlink614-dhcp-xss(16468)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
          },
          {
            "name": "20040621 DLINK 704, script injection vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
          },
          {
            "name": "20040701 DLINK 624, script injection vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
          },
          {
            "name": "1010562",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1010562"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-06-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10587",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10587"
        },
        {
          "name": "11919",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11919"
        },
        {
          "name": "7211",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/7211"
        },
        {
          "name": "20040621 DLINK 614+, script injection vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
        },
        {
          "name": "dlink614-dhcp-xss(16468)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
        },
        {
          "name": "20040621 DLINK 704, script injection vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
        },
        {
          "name": "20040701 DLINK 624, script injection vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
        },
        {
          "name": "1010562",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1010562"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0615",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10587",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10587"
            },
            {
              "name": "11919",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11919"
            },
            {
              "name": "7211",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/7211"
            },
            {
              "name": "20040621 DLINK 614+, script injection vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
            },
            {
              "name": "dlink614-dhcp-xss(16468)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
            },
            {
              "name": "20040621 DLINK 704, script injection vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
            },
            {
              "name": "20040701 DLINK 624, script injection vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
            },
            {
              "name": "1010562",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1010562"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0615",
    "datePublished": "2004-06-30T04:00:00",
    "dateReserved": "2004-06-29T00:00:00",
    "dateUpdated": "2024-08-08T00:24:26.741Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-0615\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-12-06T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en D-Link DI-614+ SOHO router corriendo firmware 2.30 y DI-704 SOHO Router corriendo firmware 2.60B2 permite a atacantes remotos inyectar script arbitrario o HTML mediante la opci\u00f3n DHCP HOSTNAME en una petici\u00f3n DHCP.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:P/A:P\",\"baseScore\":5.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:d-link:di-614\\\\+:2.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFBD013A-695E-41C7-BD1A-9D684CE86C54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:d-link:di-704p:2.60b2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB5DFEBE-C6A9-429E-A265-86037F0CD507\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:dlink:di-624:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.28\",\"matchCriteriaId\":\"2A5E7B2F-9DCF-478C-B9C4-3ED4C05E2387\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/11919\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1010562\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/7211\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/10587\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/16468\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/11919\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1010562\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/7211\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/10587\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/16468\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-WCMH-67FX-99W6

Vulnerability from github – Published: 2022-04-29 02:58 – Updated: 2022-04-29 02:58

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2004-0615"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2004-12-06T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.",
  "id": "GHSA-wcmh-67fx-99w6",
  "modified": "2022-04-29T02:58:03Z",
  "published": "2022-04-29T02:58:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0615"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/11919"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1010562"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/7211"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/10587"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200412-0052

Vulnerability from variot - Updated: 2025-04-03 22:26

Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request. It is reported that the DI-614+, DI-704, and the DI-624 are susceptible to an HTML injection vulnerability in their DHCP log. An attacker who has access to the wireless, or internal network segments of the router can craft malicious DHCP hostnames, that when sent to the router, will be logged for later viewing by the administrator of the device. The injected HTML can be used to cause the administrator to make unintended changes to the configuration of the router. Other attacks may be possible. Although only the DI-614+, DI-704, and the DI-624 are reported vulnerable, code reuse across devices is common and other products may also be affected

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200412-0052",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "di-614\\+",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "d link",
        "version": "2.30"
      },
      {
        "model": "di-704p",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "d link",
        "version": "2.60b2"
      },
      {
        "model": "di-624",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "dlink",
        "version": "1.28"
      },
      {
        "model": "di-624",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "d link",
        "version": "1.28"
      },
      {
        "model": "dl-704 b2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "d link",
        "version": "2.60"
      },
      {
        "model": "dl-704 b6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "d link",
        "version": "2.56"
      },
      {
        "model": "dl-704 b5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "d link",
        "version": "2.56"
      },
      {
        "model": "di-624 soho router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "d link",
        "version": "1.28"
      },
      {
        "model": "di-614+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "d link",
        "version": "2.18"
      },
      {
        "model": "di-614+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "d link",
        "version": "2.10"
      },
      {
        "model": "di-614+ f",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "d link",
        "version": "2.0"
      },
      {
        "model": "di-614+ 3g",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "d link",
        "version": "2.0"
      },
      {
        "model": "di-614+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "d link",
        "version": "2.03"
      },
      {
        "model": "di-614+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "d link",
        "version": "2.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "10587"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0615"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "c3rb3r",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2004-0615",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "CVE-2004-0615",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "VHN-9045",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2004-0615",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200412-032",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-9045",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-9045"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0615"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request. It is reported that the DI-614+, DI-704, and the DI-624 are susceptible to an HTML injection vulnerability in their DHCP log. \nAn attacker who has access to the wireless, or internal network segments of the router can craft malicious DHCP hostnames, that when sent to the router, will be logged for later viewing by the administrator of the device. \nThe injected HTML can be used to cause the administrator to make unintended changes to the configuration of the router. Other attacks may be possible. \nAlthough only the DI-614+, DI-704, and the DI-624 are reported vulnerable, code reuse across devices is common and other products may also be affected",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0615"
      },
      {
        "db": "BID",
        "id": "10587"
      },
      {
        "db": "VULHUB",
        "id": "VHN-9045"
      }
    ],
    "trust": 1.26
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-9045",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-9045"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "10587",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "11919",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1010562",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "7211",
        "trust": 1.7
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0615",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-77959",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "24226",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-9045",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-9045"
      },
      {
        "db": "BID",
        "id": "10587"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0615"
      }
    ]
  },
  "id": "VAR-200412-0052",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-9045"
      }
    ],
    "trust": 0.53333334
  },
  "last_update_date": "2025-04-03T22:26:17.919000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "A variety of D-Link products Vulnerability fixes",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=234979"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0615"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/10587"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/7211"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1010562"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/11919"
      },
      {
        "trust": 1.7,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
      },
      {
        "trust": 1.6,
        "url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
      },
      {
        "trust": 1.6,
        "url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
      },
      {
        "trust": 0.3,
        "url": "http://www.d-link.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/366615"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/367855"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/366826"
      },
      {
        "trust": 0.1,
        "url": "http://marc.info/?l=bugtraq\u0026amp;m=108786257609932\u0026amp;w=2"
      },
      {
        "trust": 0.1,
        "url": "http://marc.info/?l=bugtraq\u0026amp;m=108797273127182\u0026amp;w=2"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-9045"
      },
      {
        "db": "BID",
        "id": "10587"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0615"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-9045"
      },
      {
        "db": "BID",
        "id": "10587"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0615"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-12-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-9045"
      },
      {
        "date": "2004-06-21T00:00:00",
        "db": "BID",
        "id": "10587"
      },
      {
        "date": "2004-12-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      },
      {
        "date": "2004-12-06T05:00:00",
        "db": "NVD",
        "id": "CVE-2004-0615"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-9045"
      },
      {
        "date": "2004-06-21T00:00:00",
        "db": "BID",
        "id": "10587"
      },
      {
        "date": "2023-04-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      },
      {
        "date": "2025-04-03T01:03:51.193000",
        "db": "NVD",
        "id": "CVE-2004-0615"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple D-Link products Security hole",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-032"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2004-0615

Vulnerability from fkie_nvd - Published: 2004-12-06 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

	URL	Tags
	cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html
	cve@mitre.org	http://marc.info/?l=bugtraq&m=108786257609932&w=2
	cve@mitre.org	http://marc.info/?l=bugtraq&m=108797273127182&w=2
	cve@mitre.org	http://secunia.com/advisories/11919
	cve@mitre.org	http://securitytracker.com/id?1010562
	cve@mitre.org	http://www.osvdb.org/7211
	cve@mitre.org	http://www.securityfocus.com/bid/10587
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16468
	af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=108786257609932&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=108797273127182&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/11919
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1010562
	af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/7211
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10587
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16468

Impacted products

Vendor	Product	Version
d-link	di-614\+	2.30
d-link	di-704p	2.60b2
dlink	di-624	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:d-link:di-614\\+:2.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFBD013A-695E-41C7-BD1A-9D684CE86C54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:d-link:di-704p:2.60b2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5DFEBE-C6A9-429E-A265-86037F0CD507",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:di-624:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A5E7B2F-9DCF-478C-B9C4-3ED4C05E2387",
              "versionEndIncluding": "1.28",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en D-Link DI-614+ SOHO router corriendo firmware 2.30 y DI-704 SOHO Router corriendo firmware 2.60B2 permite a atacantes remotos inyectar script arbitrario o HTML mediante la opci\u00f3n DHCP HOSTNAME en una petici\u00f3n DHCP."
    }
  ],
  "id": "CVE-2004-0615",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2004-12-06T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/11919"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1010562"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/7211"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/10587"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/11919"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1010562"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/7211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/10587"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2004-0615

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2004-0615

Aliases

CVE-2004-0615

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2004-0615",
    "description": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.",
    "id": "GSD-2004-0615"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2004-0615"
      ],
      "details": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.",
      "id": "GSD-2004-0615",
      "modified": "2023-12-13T01:22:54.138244Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2004-0615",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "10587",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/10587"
          },
          {
            "name": "11919",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/11919"
          },
          {
            "name": "7211",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/7211"
          },
          {
            "name": "20040621 DLINK 614+, script injection vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
          },
          {
            "name": "dlink614-dhcp-xss(16468)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
          },
          {
            "name": "20040621 DLINK 704, script injection vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
          },
          {
            "name": "20040701 DLINK 624, script injection vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
          },
          {
            "name": "1010562",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1010562"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:d-link:di-704p:2.60b2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:d-link:di-614\\+:2.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-624:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.28",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0615"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1010562",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1010562"
            },
            {
              "name": "20040701 DLINK 624, script injection vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
            },
            {
              "name": "10587",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/10587"
            },
            {
              "name": "7211",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/7211"
            },
            {
              "name": "11919",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/11919"
            },
            {
              "name": "20040621 DLINK 704, script injection vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
            },
            {
              "name": "20040621 DLINK 614+, script injection vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
            },
            {
              "name": "dlink614-dhcp-xss(16468)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2023-04-26T18:55Z",
      "publishedDate": "2004-12-06T05:00Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2004-0615 (GCVE-0-2004-0615)

GHSA-WCMH-67FX-99W6

VAR-200412-0052

FKIE_CVE-2004-0615

GSD-2004-0615

Tags

Sightings

Nomenclature