14 matches found
EUVD-2017-16827
Malware in sbrugna...
EUVD-2017-8190
Malware in sbrugna...
CVE-2019-10999
The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable...
The vulnerability of D-Link DCS-930L Wi-Fi cameras lies in the lack of measures taken to neutralize special elements used in the operating system’s command structure. This allows intruders to execute arbitrary commands.
The vulnerability of D-Link DCS series Wi-Fi cameras exists due to the lack of measures taken to neutralize special elements used in the operating system’s command structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2013-1602
An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04US, DCS-1130 1.03/1.04US , DCS-2102 1.05RU/1.06/1.06FR/1.05TESCO, DCS-2121...
CVE-2018-18441
D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many mor...
DLink DCS Series Cameras - Insecure Crossdomain Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Insecure CrossDomain.XML in D-Link DCS Series Cameras Date: 22/02/2017 Exploit Author: SlidingWindow , Twitter: @KapilKhot Vendor Homepage: http://us.dlink.com/product-category/home-solutions/view/network-cameras/ Version:...
Cross site request forgery (csrf)
D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to , thus accepting requests from any domain. If a...
CVE-2017-7852
CVE-2017-7852 affects D-Link DCS series cameras (notably DCS-933L, DCS-5030L, DCS-5020L, DCS-2530L, DCS-2630L, DCS-930L, DCS-932L, DCS-932LB1). Root cause: weak CrossDomain.XML with allow-access-from set to * enables Cross-Site Request Forgery (CSRF) via malicious Flash hosted on attacker sites. ...
PT-2017-17954 · D Link · Dcs-932Lb1 +7
Name of the Vulnerable Software and Affected Versions: D-Link DCS-933L versions prior to 1.13.05 D-Link DCS-5030L D-Link DCS-5020L D-Link DCS-2530L D-Link DCS-2630L D-Link DCS-930L D-Link DCS-932L D-Link DCS-932LB1 Description: The issue allows sites hosting malicious Flash objects to access and/...
D-Link DCS Cameras - Multiple Vulnerabilities
Unauthenticated remote access to D-Link DCS cameras =================================================== ADVISORY INFORMATION Title: Unauthenticated remote access to D-Link DCS cameras Discovery date: 20/06/2012 Release date: 28/01/2013 Credits: Roberto Paleari [email protected], twitter:...
D-Link DCS Cameras - Multiple Vulnerabilities
D-Link DCS Cameras - Multiple Vulnerabilities Unauthenticated remote access to D-Link DCS cameras =================================================== ADVISORY INFORMATION Title: Unauthenticated remote access to D-Link DCS cameras Discovery date: 20/06/2012 Release date: 28/01/2013 Credits: Robert...
D-Link DCS Cameras Authentication Bypass / Command Execution
D-Link DCS Cameras suffer from authentication bypass and remote command execution vulnerabilities due to a remote information disclosure of the configuration. Unauthenticated remote access to D-Link DCS cameras =================================================== ADVISORY INFORMATION Title:...
D-Link DCS Series - Cross-Site Request Forgery (Change Admin Password)
Title: Dlink DCS series CSRF Change Admin Password Version: DCS-900, DCS-2000, DCS-5300 and possibly other. Date: 2012-02-22 Author: rigan - imrigan sobachka gmail.com -- Description: Dlink DCS is a series of network cameras. These cameras use a web interface which is prone to CSRF vulnerabilitie...