D-Link DCS-933L and DCS-934L Privilege Acquisition Vulnerability

The D-Link DCS-933L and DCS-934L are both network camera products from Terasic D-Link. mydlink+ is an application for remote access to camera devices such as the DCS-933L and DCS-934L. A security vulnerability exists in mydlink+ version 3.8.5 build 259 in the D-Link DCS-933L version 1.05.04 and...

CVE-2018-7698

An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05.04 devices. The mydlink+ app sends the username and password for connected D-Link cameras such as DCS-933L and DCS-934L unencrypted from the app to the camera, allowing attackers to obtain these...

CVE-2018-7698

An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05.04 devices. The mydlink+ app sends the username and password for connected D-Link cameras such as DCS-933L and DCS-934L unencrypted from the app to the camera, allowing attackers to obtain these...

CVE-2018-7698

The CVE-2018-7698 entry describes a vulnerability in D-Link mydlink+ 3.8.5 build 259 for DCS-933L (1.05.04) and DCS-934L (1.05.04). The root cause is that the mydlink+ app transmits the user credentials (username/password) unencrypted from the app to the camera, allowing an attacker to obtain cre...