1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XSS flaw in D-Link NAS devices allows attackers to mess with your data

Discussion in 'Help Net Security' started by RSS, Aug 29, 2016.

  1. RSS

    RSS New Member Member

    Security researcher Benjamin Daniel Mussler has unearthed an XSS flaw affecting seven D-Link NAS devices – a flaw which could allow attackers to access the devices and peruse and change the stored contents. He first found it in the firmware of D-Link DNS-320 rev A, a Network Storage Enclosure that allows users to access stored data via SMB and can be configured through a web interface. “The device’s administrative web interface contains a Stored Cross-Site … More →

    Continue reading...

Share This Page