Vulnerability Description
A security vulnerability in D-Link DGS-1510-series switches with firmware 1.20.011, 1.30.007, 1.31.B003 and older that may allow a remote attacker to inject malicious scripts in the device and execute commands via browser that is configuring the unit.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dgs-1510-20 Firmware | <= 1.31.b003 |
| Dlink | Dgs-1510-20 | - |
| Dlink | Dgs-1510-28 Firmware | <= 1.31.b003 |
| Dlink | Dgs-1510-28 | - |
| Dlink | Dgs-1510-28P Firmware | <= 1.31.b003 |
| Dlink | Dgs-1510-28P | - |
| Dlink | Dgs-1510-28X Firmware | <= 1.31.b003 |
| Dlink | Dgs-1510-28X | - |
| Dlink | Dgs-1510-28Xmp Firmware | <= 1.31.b003 |
| Dlink | Dgs-1510-28Xmp | - |
| Dlink | Dgs-1510-52X Firmware | <= 1.31.b003 |
| Dlink | Dgs-1510-52X | - |
| Dlink | Dgs-1510-52Xmp Firmware | <= 1.31.b003 |
| Dlink | Dgs-1510-52Xmp | - |
| Dlink | Dgs-1510-52 Firmware | <= 1.31.b003 |
| Dlink | Dgs-1510-52 | - |
Related Weaknesses (CWE)
References
- http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10Vendor Advisory
- http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10Vendor Advisory
FAQ
What is CVE-2018-7859?
CVE-2018-7859 is a vulnerability with a CVSS score of 6.1 (MEDIUM). A security vulnerability in D-Link DGS-1510-series switches with firmware 1.20.011, 1.30.007, 1.31.B003 and older that may allow a remote attacker to inject malicious scripts in the device and execute...
How severe is CVE-2018-7859?
CVE-2018-7859 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7859?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dgs-1510-20 Firmware, Dlink Dgs-1510-20, Dlink Dgs-1510-28 Firmware, Dlink Dgs-1510-28, Dlink Dgs-1510-28P Firmware.