Lucene search
K

26 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-17359

Malware in sbrugna...

8.8CVSS8.6AI score0.01189EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-17358

Malware in sbrugna...

8.8CVSS8.6AI score0.01189EPSS
Exploits1References5
CNVD
CNVD
added 2019/07/05 12:0 a.m.3 views

D-Link DCS-1130 Command Injection Vulnerability (CNVD-2019-21464)

The D-Link DCS-1130 is a network camera from Taiwan, China-based AUO D-Link. A command injection vulnerability exists in the Snapshot feature of the D-Link DCS-1130. The vulnerability arises from a network system or product not properly filtering specific elements of externally input data during...

9.3CVSS7.8AI score0.0585EPSS
Exploits1References1
CNVD
CNVD
added 2019/07/04 12:0 a.m.4 views

D-Link DCS-1130 Command Injection Vulnerability (CNVD-2019-21077)

The D-Link DCS-1130 is a network camera from Taiwan, China-based AUO D-Link. A command injection vulnerability exists in the Video feature in the D-Link DCS-1130. An attacker can exploit this vulnerability to take control of the device and execute arbitrary code...

10CVSS8.1AI score0.07667EPSS
Exploits1References1
NVD
NVD
added 2019/07/02 9:15 p.m.22 views

CVE-2017-8412

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. It seems that this binary dumps the HTTP VERB in the system logs. As a part of doing that it retrieves the HTTP VERB sent by the user and uses a vulnerable...

8.8CVSS9.2AI score0.05732EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/07/02 8:19 p.m.16 views

CVE-2017-8413

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon on UDP port 5978 which is called "dldps2121" and listens for broadcast packets sent on 255.255.255.255. This daemon handles custom D-Link UDP based protocol that allows D-Link mobile applications and...

9.1AI score0.10187EPSS
Exploits0References3
NVD
NVD
added 2019/07/02 8:15 p.m.17 views

CVE-2017-8409

An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to the device to provide a username and password. However, the device does not enforce the same restriction on a specific URL thereby allowing any attacker in possession of that to view the live video feed...

7.5CVSS7.4AI score0.02705EPSS
Exploits1References3
NVD
NVD
added 2019/07/02 8:15 p.m.22 views

CVE-2017-8406

An issue was discovered on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows an hosted flash file on any domain to make calls to the device's webserver and pull any information that is stored on the device. In thi...

8.8CVSS8.3AI score0.01189EPSS
Exploits1References3
Prion
Prion
added 2019/07/02 8:15 p.m.19 views

Default credentials

An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to the device to provide a username and password. However, the device does not enforce the same restriction on a specific URL thereby allowing any attacker in possession of that to view the live video feed...

5CVSS7.4AI score0.02705EPSS
Exploits1References3
Prion
Prion
added 2019/07/02 8:15 p.m.26 views

Cross site scripting

An issue was discovered on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows an hosted flash file on any domain to make calls to the device's webserver and pull any information that is stored on the device. In thi...

6.8CVSS8.1AI score0.01189EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/02 8:13 p.m.16 views

CVE-2017-8415

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function getspnam at address 0x00053894. Then performs a crypt operation on the password retrieved from the use...

9.5AI score0.0393EPSS
Exploits0References3
NVD
NVD
added 2019/07/02 7:15 p.m.24 views

CVE-2017-8411

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

9.3CVSS9.1AI score0.0585EPSS
Exploits1References3
Prion
Prion
added 2019/07/02 7:15 p.m.14 views

Command injection

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

9.3CVSS9AI score0.0585EPSS
Exploits1References3
Prion
Prion
added 2019/07/02 7:15 p.m.19 views

Command injection

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

10CVSS9.7AI score0.07667EPSS
Exploits1References3
Prion
Prion
added 2019/07/02 7:15 p.m.12 views

Cross site scripting

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross-site request forgery protection mechanism which allows an attacker to...

6.8CVSS8.7AI score0.01189EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/02 7:9 p.m.20 views

CVE-2017-8409

An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to the device to provide a username and password. However, the device does not enforce the same restriction on a specific URL thereby allowing any attacker in possession of that to view the live video feed...

7.5AI score0.02705EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/02 7:5 p.m.20 views

CVE-2017-8406

An issue was discovered on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows an hosted flash file on any domain to make calls to the device's webserver and pull any information that is stored on the device. In thi...

8.3AI score0.01189EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/02 6:53 p.m.22 views

CVE-2017-8407

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross-site request forgery protection mechanism which allows an attacker to...

8.8AI score0.01189EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/02 6:47 p.m.13 views

CVE-2017-8404

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

9.8AI score0.07667EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/02 6:44 p.m.21 views

CVE-2017-8411

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

9.1AI score0.0585EPSS
Exploits1References3
Rows per page
Query Builder