• Home Support Forums Security Advisories Shop     English | French
Support Announcement
CVE-2018-7859 :: DGS-1510 Gigabit SmartPro Stackable Swtich Series affected by Reflected XSS Vulnerability


A security vulnerability in DGS-1510-series switches that may allow an attacker to inject malicious scripts in the device and execute commands via browser that is configuring the unit.

3rd Party Report:

Varang Amin
February 21st, 2018

Official Disclosure:

CVE-2018-7859 : Please read CVE for further information regarding the potential exploit

Affected Products:

DGS-1510 Revision A Family Series Switches

  • DGS-1510-20
  • DGS-1510-28
  • DGS-1510-28P
  • DGS-1510-28X
  • DGS-1510-28XMP
  • DGS-1510-52X
  • DGS-1510-52XMP

Affected Firmware:

  • 1.31.B003 and older
  • 1.30.007
  • 1.20.011

Corrected Firmware:

DGS-1510 Series        Revision Ax        HERE



Security patch for your D-Link Devices
These firmware updates address the security vulnerabilities in affected D-Link devices. D-Link will update this continually and we strongly recommend all users to install the relevant updates.
As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product next to the serial number. Alternatively, they can also be found on the device web configuration.