Posted by Benjamin Daniel Mussler on Aug 05

D-Link NAS, DNS Series: Stored XSS via Unauthenticated SMB
<http://b.fl7.de/2016/08/d-link-nas-dns-xss-via-smb.html>

1. Affected Models/Versions
2. Summary
3. Technical Summary
4. Vulnerability Details
5. Exploitation / Proof of Concept
6. Timeline
7. See Also

########## 1. Affected Models/Versions ##########

The vulnerability was initially discovered on a **D-Link DNS-320 rev A**
device running **firmware version 2.05b8** (also known…