CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Apr 15, 2022

CVE-2013-5223

High

EPSS 35.5%CISA KEV

D-Link/DSL-2760U

Description

A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML.

EPSS — Exploit Probability

35.5%

Higher than 97.0% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2013-5223

Risk Assessment

ELEVATED

In CISA KEV

Details

Severity: High
EPSS: 35.5%
CISA KEV: Yes
Ransomware: Unknown
Articles: 0

Timeline

Published

Mar 25, 2022

Added to KEV

Mar 25, 2022

Remediation Due

Apr 15, 2022

Affected Product

D-Link

DSL-2760U

View all D-Link CVEs

External Links

NVD (NIST)CVE Details MITRE CVE