CVE-2018-6527

Name of the Vulnerable Software and Affected Versions D-Link DIR-868L versions DIR868LA1 FW112b04 and earlier D-Link DIR-865L versions DIR-865L REVA FIRMWARE PATCH 1.08.B01 and earlier D-Link DIR-860L versions DIR860LA1 FW110b04 and earlier

Description The issue allows remote attackers to read a cookie via a crafted deviceid parameter to "soap.cgi". This is due to inadequate protection of the web page structure in the htdocs/webinc/js/adv parent ctrl map.php script of D-Link DIR-860L, DIR-865L, and DIR-868L routers. Exploitation of this issue may enable a remote attacker to conduct an XSS attack.

Recommendations For D-Link DIR-868L versions DIR868LA1 FW112b04 and earlier, update to a version that fixes this issue. For D-Link DIR-865L versions DIR-865L REVA FIRMWARE PATCH 1.08.B01 and earlier, update to a version that fixes this issue. For D-Link DIR-860L versions DIR860LA1 FW110b04 and earlier, update to a version that fixes this issue. As a temporary workaround, consider restricting access to the vulnerable "soap.cgi" endpoint and the deviceid parameter until a patch is available.