VYPR
Medium severity6.1NVD Advisory· Published Jun 20, 2018· Updated Jun 17, 2026

CVE-2018-6212

CVE-2018-6212

Description

On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting (XSS) attack is possible as a result of missed filtration for special characters in the "Search" field and incorrect processing of the XMLHttpRequest object.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • Dlink/DIR-620llm-create
    Range: 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, 2.0.22

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.