27 matches found
Stack overflow
The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable...
CVE-2019-10999
The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable...
CVE-2019-10999
The CVE-2019-10999 issue affects D-Link DCS series cameras with the alphapd web server, via a stack-based buffer overflow triggered by a long WEPEncryption value in wireless.htm. Root cause: improper handling in alphapd leading to remote code execution. Affected devices include DCS-5009L, 5010L, ...
Exploit for Out-of-bounds Write in Dlink Dcs-930L_Firmware
D-Link Exploit The exploit exists in the devices server, alpha...
D-Link DCS-5009, DCS-5010 and DCS-5020L Remote Code Execution Vulnerability
D-Link DCS-5009, DCS-5010 and DCS-5020L are all different models of network camera products from AUO D-Link. alphapd is one of the web servers. A remote code execution vulnerability exists in alphapd in the D-Link DCS-5009 with firmware version 1.08.11 and earlier, DCS-5010 with firmware version...
CVE-2017-17020
On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd binary responsible for running the camera's web server allows remote authenticated attackers to execut...
CVE-2017-17020
CVE-2017-17020 affects D-Link DCS-5009 (firmware ≤1.08.11), DCS-5010 (≤1.14.09), and DCS-5020L (before 1.15.01). The vulnerability is a remote code execution via command injection in the alphapd web server process: a sanitized AdminID value in the /setSystemAdmin input is passed directly to syste...