Lucene search
K

6 matches found

NVD
NVD
added 2019/07/02 9:15 p.m.22 views

CVE-2017-8412

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. It seems that this binary dumps the HTTP VERB in the system logs. As a part of doing that it retrieves the HTTP VERB sent by the user and uses a vulnerable...

8.8CVSS9.2AI score0.05732EPSS
Exploits0References3
Prion
Prion
added 2019/07/02 9:15 p.m.28 views

Hardcoded credentials

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function getspnam at address 0x00053894. Then performs a crypt operation on the password retrieved from the use...

10CVSS9.4AI score0.0393EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/07/02 8:19 p.m.16 views

CVE-2017-8413

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon on UDP port 5978 which is called "dldps2121" and listens for broadcast packets sent on 255.255.255.255. This daemon handles custom D-Link UDP based protocol that allows D-Link mobile applications and...

9.1AI score0.10187EPSS
Exploits0References3
NVD
NVD
added 2019/07/02 8:15 p.m.18 views

CVE-2017-8410

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary performs a memcpy operation at address 0x00011E34 with the value sent in the "Authorization: Basic" RTS...

10CVSS9.8AI score0.05625EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/02 8:13 p.m.16 views

CVE-2017-8415

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function getspnam at address 0x00053894. Then performs a crypt operation on the password retrieved from the use...

9.5AI score0.0393EPSS
Exploits0References3
CVE
CVE
added 2019/07/02 7:56 p.m.172 views

CVE-2017-8414

CVE-2017-8414 affects D-Link DCS-1100 and DCS-1130 network cameras. The /sbin orthrus UPnP handler takes the command-line parameter -f and performs a sprintf to the stack without length checking, which corrupts registers in a function (sub_A098) and leads to memory corruption. Public advisories (...

7.8CVSS7.6AI score0.01684EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder