CVE-2019-17663

Name of the Vulnerable Software and Affected Versions D-Link DIR-866L version 1.03B04

Description The issue is related to errors in processing input data in the HtmlResponseMessage component of the D-Link DIR-866L wireless router's firmware. This can be exploited by a remote attacker to implement cross-site scripting attacks. The vulnerability allows for common injection via the HtmlResponseMessage in the device's common gateway interface.

Recommendations For D-Link DIR-866L version 1.03B04, consider restricting access to the HtmlResponseMessage component to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the vulnerable component in the device's common gateway interface. At the moment, there is no information about a newer version that contains a fix for this vulnerability.