C3Rb3R

**Name of the Vulnerable Software and Affected Versions** D-Link AirPlus DI-614+ versions 2.30 and earlier **Description** The issue is caused by an integer signedness error that allows remote attackers to cause a denial of service, specifically IP lease depletion, via a DHCP request. This request has the LEASETIME option set to -1, making the DHCP lease valid for thirteen or more years. **Recommendations** For D-Link AirPlus DI-614+ versions 2.30 and earlier, update to a version later than 2.30 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Infoblox DNS One versions 2.4.0-8 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to execute arbitrary scripts as other users. This is achieved via the `CLIENTID` or `HOSTNAME` option of a DHCP request. **Recommendations** For Infoblox DNS One versions 2.4.0-8 and earlier, update to a version later than 2.4.0-8 to resolve the issue.