CVE-2024-9792

Name of the Vulnerable Software and Affected Versions D-Link DSL-2750U version R5B017

Description A vulnerability has been found in the Port Forwarding Page component of D-Link DSL-2750U. The manipulation of the PortMappingDescription argument leads to cross-site scripting. It is possible to initiate the attack remotely. This vulnerability may allow an attacker to conduct a cross-site scripting (XSS) attack through the PortMappingDescription parameter.

Recommendations For D-Link DSL-2750U version R5B017, as a temporary workaround, consider disabling the Port Forwarding Page until a patch is available. Restrict access to the Port Forwarding Page to minimize the risk of exploitation. Avoid using the PortMappingDescription parameter in the affected page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.