CVE-2010-0936

Name of the Vulnerable Software and Affected Versions D-LINK DKVM-IP8 version 2282 dlinkA4 p8 20071213

Description A cross-site scripting issue exists due to insufficient input validation in the auth.asp file. This allows remote attackers to inject arbitrary web script or HTML via the nickname parameter in the '/auth.asp' endpoint.

Recommendations For D-LINK DKVM-IP8 version 2282 dlinkA4 p8 20071213, avoid using the nickname parameter in the auth.asp file until a fix is available. As a temporary workaround, consider restricting access to the auth.asp file to minimize the risk of exploitation.