Varang Amin

**Name of the Vulnerable Software and Affected Versions** D-Link DGS-1510-series switches versions 1.20.011 through 1.31.B003 and older **Description** The issue is related to a lack of protection for the web page structure, which may allow a remote attacker to inject malicious scripts into the device and execute commands via a browser configuring the unit. This could enable an attacker to perform a cross-site scripting attack. **Recommendations** For versions 1.20.011 through 1.31.B003 and older, update to a newer version that addresses this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DGS-1510 series versions prior to 1.31.B003 **Description** The issue allows attackers to conduct Unauthenticated Command Bypass attacks. The exact vectors used for the attack are not specified. **Recommendations** For D-Link DGS-1510 series versions prior to 1.31.B003, update the firmware to version 1.31.B003 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** D-Link DGS-1510 series versions prior to 1.31.B003 **Description** The issue allows attackers to conduct Unauthenticated Information Disclosure attacks. The exact vectors used for the attack are not specified. **Recommendations** For D-Link DGS-1510 series versions prior to 1.31.B003, update the firmware to version 1.31.B003 or later to resolve the issue.