Lucene search
K

11 matches found

Zero Day Initiative
Zero Day Initiative
added 2020/12/15 12:0 a.m.20 views

(0Day) D-Link DCS-960L HTTP Authorization Header Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-960L Wi-Fi cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server, which listens on TCP port 80 by default. A...

8.8CVSS1.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/12/15 12:0 a.m.37 views

(0Day) D-Link DCS-960L HNAP Login Cookie Format String Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-960L Wi-Fi cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of login action requests. The issue results from th...

8.8CVSS1.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/12/15 12:0 a.m.28 views

(0Day) D-Link DCS-960L HNAP Cookie Format String Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-960L Wi-Fi cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Cookie request header. The issue results fro...

8.8CVSS1.1AI score
Exploits0
NVD
NVD
added 2019/05/06 8:29 p.m.17 views

CVE-2019-10999

The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable...

8.8CVSS9AI score0.03701EPSS
Exploits2References2
Prion
Prion
added 2019/05/06 8:29 p.m.19 views

Stack overflow

The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable...

6.5CVSS9AI score0.03701EPSS
Exploits2References2Affected Software10
CVE
CVE
added 2019/05/06 7:30 p.m.116 views

CVE-2019-10999

The CVE-2019-10999 issue affects D-Link DCS series cameras with the alphapd web server, via a stack-based buffer overflow triggered by a long WEPEncryption value in wireless.htm. Root cause: improper handling in alphapd leading to remote code execution. Affected devices include DCS-5009L, 5010L, ...

8.8CVSS9AI score0.03701EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2018/12/20 11:29 p.m.14 views

Authentication flaw

D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many mor...

5CVSS7.5AI score0.01943EPSS
Exploits2References1Affected Software18
Cvelist
Cvelist
added 2018/12/20 10:0 p.m.21 views

CVE-2018-18441

D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many mor...

7.5AI score0.01943EPSS
Exploits2References1
CVE
CVE
added 2018/12/20 10:0 p.m.77 views

CVE-2018-18441

CVE-2018-18441 affects D-Link DCS series Wi‑Fi cameras (e.g., DCS-936L, DCS-942L, DCS-8000LH, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5020L, etc.). The vulnerability stems from the /common/info.cgi endpoint being accessible without authentication, allowing remote access ...

7.5CVSS7.4AI score0.01943EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2017/12/01 5:0 p.m.14 views

CVE-2017-14953

HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication. NOTE: Vendor states that this is not a vulnerability, but more an...

7.2AI score0.00492EPSS
Exploits2References2
ThreatPost
ThreatPost
added 2016/07/07 1:26 p.m.11 views

D-Link Wi-Fi Camera Flaw Extends to 120 Products

Update A software component that exposed D-Link Wi-Fi cameras to remote attacks is also used in more than 120 other products sold by the company. Researchers at Senrio, who found the original vulnerability, disclosed today additional details of product vulnerabilities related to the component aft...

8.3AI score
Exploits0References5
Rows per page
Query Builder