CVE-2025-14225

The CVE-2025-14225 entry concerns D-Link DCS-930L (firmware 1.15.04) and the alphapd component, where manipulating the AdminID parameter in /setSystemAdmin can yield remote command execution. Public disclosures exist, and the affected products are no longer supported by the maintainer. Several co...

EUVD-2025-201702

A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed...

D-Link DCS-930L 命令注入漏洞

D-Link DCS-930L is a network camera from China AUO D-Link. The D-Link DCS-930L suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands, etc. in the parameter AdminID in the file /setSystemAdmin. An attacker can...

PT-2025-49538

Name of the Vulnerable Software and Affected Versions D-Link DCS-930L version 1.15.04 Description A flaw exists in D-Link DCS-930L version 1.15.04 that allows for remote command injection. The issue is located within the alphapd component, specifically in the /setSystemAdmin file. Manipulation of...

D-Link DCS-932L setSystemAdmin File Command Injection Vulnerability

The D-Link DCS-932L is a network surveillance camera from China AUO D-Link. It is used for security and surveillance. The D-Link DCS-932L suffers from a command injection vulnerability that stems from the parameter AdminID in the file /setSystemAdmin failing to correctly filter constructed comman...

CVE-2025-5571

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSystemAdmin of the file /setSystemAdmin. The manipulation of the argument AdminID leads to os command injection. It is possible to launch the attack remotely. The exploit has been...

D-Link DCS-932L 命令注入漏洞

The D-Link DCS-932L is a network surveillance camera from China AUO D-Link. It is used for security and surveillance. The D-Link DCS-932L suffers from a command injection vulnerability that stems from the parameter AdminID in the file /setSystemAdmin failing to correctly filter constructed comman...

CVE-2017-17020

On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd binary responsible for running the camera's web server allows remote authenticated attackers to execut...