CVE-2026-7027
⚪ Do wiadomości
Wstrzyknięcie skryptów w D-Link DSL-2740R umożliwia zdalne ataki XSS.
CVSS
2.4
EPSS
0.0%
Exploit
none
Vendor
dlink
Opis źródłowy (NVD)
A vulnerability was identified in D-Link DSL-2740R EU_01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and might be used.
xss
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 2.4 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 0.0% |
| Opublikowano (NVD) | 2026-04-26 09:16:17 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-30 14:10:56 UTC |
Referencje
- https://vuldb.com/submit/797896 (cna@vuldb.com) [Third Party Advisory, VDB Entry]
- https://vuldb.com/vuln/359607 (cna@vuldb.com) [Third Party Advisory, VDB Entry]
- https://vuldb.com/vuln/359607/cti (cna@vuldb.com) [Permissions Required, VDB Entry]
- https://www.dlink.com/ (cna@vuldb.com) [Product]