Search criteria
9 vulnerabilities found for dcs-932l by dlink
VAR-202109-1847
Vulnerability from variot - Updated: 2024-05-17 23:04An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. D-Link DCS-5000L and DCS-932L Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-link Dcs-5000L is an IP network surveillance camera. D-link Dcs-932L is a network surveillance camera
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202109-1847",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dcs-932l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2.17"
},
{
"model": "dcs-5000l",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "1.05"
},
{
"model": "dcs-932l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5000l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5000l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1.05"
},
{
"model": "dcs-932l",
"scope": "lte",
"trust": 0.6,
"vendor": "d link",
"version": "\u003c=2.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94833"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012453"
},
{
"db": "NVD",
"id": "CVE-2021-41504"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-932l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.17",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-932l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5000l_firmware:1.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5000l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-41504"
}
]
},
"cve": "CVE-2021-41504",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-41504",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2021-94833",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-41504",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-41504",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2021-94833",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202109-1690",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-41504",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94833"
},
{
"db": "VULMON",
"id": "CVE-2021-41504"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012453"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1690"
},
{
"db": "NVD",
"id": "CVE-2021-41504"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. D-Link DCS-5000L and DCS-932L Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-link Dcs-5000L is an IP network surveillance camera. D-link Dcs-932L is a network surveillance camera",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-41504"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012453"
},
{
"db": "CNVD",
"id": "CNVD-2021-94833"
},
{
"db": "VULMON",
"id": "CVE-2021-41504"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-41504",
"trust": 3.9
},
{
"db": "DLINK",
"id": "SAP10247",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012453",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-94833",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1690",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-41504",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94833"
},
{
"db": "VULMON",
"id": "CVE-2021-41504"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012453"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1690"
},
{
"db": "NVD",
"id": "CVE-2021-41504"
}
]
},
"id": "VAR-202109-1847",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94833"
}
],
"trust": 1.229120885
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94833"
}
]
},
"last_update_date": "2024-05-17T23:04:28.294000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "",
"trust": 0.8,
"url": "https://www.dlink.com/en/security-bulletin"
},
{
"title": "Patch for D-Link DCS-5000L and DCS-932L privilege escalation vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/302896"
},
{
"title": "D-link Dcs-932L and D-link Dcs-5000L Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=164770"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94833"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012453"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1690"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-012453"
},
{
"db": "NVD",
"id": "CVE-2021-41504"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41504"
},
{
"trust": 1.7,
"url": "https://www.dlink.com/en/security-bulletin/"
},
{
"trust": 1.7,
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10247"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/269.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94833"
},
{
"db": "VULMON",
"id": "CVE-2021-41504"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012453"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1690"
},
{
"db": "NVD",
"id": "CVE-2021-41504"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-94833"
},
{
"db": "VULMON",
"id": "CVE-2021-41504"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012453"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1690"
},
{
"db": "NVD",
"id": "CVE-2021-41504"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-94833"
},
{
"date": "2021-09-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-41504"
},
{
"date": "2022-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-012453"
},
{
"date": "2021-09-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202109-1690"
},
{
"date": "2021-09-24T20:15:07.437000",
"db": "NVD",
"id": "CVE-2021-41504"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-94833"
},
{
"date": "2021-09-30T00:00:00",
"db": "VULMON",
"id": "CVE-2021-41504"
},
{
"date": "2022-08-31T07:40:00",
"db": "JVNDB",
"id": "JVNDB-2021-012453"
},
{
"date": "2022-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202109-1690"
},
{
"date": "2024-05-17T02:01:13.233000",
"db": "NVD",
"id": "CVE-2021-41504"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202109-1690"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link\u00a0DCS-5000L\u00a0 and \u00a0DCS-932L\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-012453"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202109-1690"
}
],
"trust": 0.6
}
}
VAR-202109-1107
Vulnerability from variot - Updated: 2024-05-17 23:04DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. DCS-5000L and DCS-932L There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-link Dcs-5000L is an IP network surveillance camera. D-link Dcs-932L is a network surveillance camera.
D-Link DCS-5000L and DCS-932L have security vulnerabilities, which stem from the lack of effective trust management mechanisms in network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202109-1107",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dcs-5000l",
"scope": "eq",
"trust": 1.6,
"vendor": "d link",
"version": "1.05"
},
{
"model": "dcs-932l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2.17"
},
{
"model": "dcs-932l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5000l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-932l",
"scope": "lte",
"trust": 0.6,
"vendor": "d link",
"version": "\u003c=2.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94831"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012454"
},
{
"db": "NVD",
"id": "CVE-2021-41503"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-932l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.17",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-932l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-5000l_firmware:1.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5000l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-41503"
}
]
},
"cve": "CVE-2021-41503",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-41503",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2021-94831",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-41503",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-41503",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2021-94831",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202109-1686",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-41503",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94831"
},
{
"db": "VULMON",
"id": "CVE-2021-41503"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012454"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1686"
},
{
"db": "NVD",
"id": "CVE-2021-41503"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. DCS-5000L and DCS-932L There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-link Dcs-5000L is an IP network surveillance camera. D-link Dcs-932L is a network surveillance camera. \n\r\n\r\nD-Link DCS-5000L and DCS-932L have security vulnerabilities, which stem from the lack of effective trust management mechanisms in network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-41503"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012454"
},
{
"db": "CNVD",
"id": "CNVD-2021-94831"
},
{
"db": "VULMON",
"id": "CVE-2021-41503"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-41503",
"trust": 3.9
},
{
"db": "DLINK",
"id": "SAP10247",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012454",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-94831",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1686",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-41503",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94831"
},
{
"db": "VULMON",
"id": "CVE-2021-41503"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012454"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1686"
},
{
"db": "NVD",
"id": "CVE-2021-41503"
}
]
},
"id": "VAR-202109-1107",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94831"
}
],
"trust": 1.229120885
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94831"
}
]
},
"last_update_date": "2024-05-17T23:04:28.264000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "",
"trust": 0.8,
"url": "https://www.dlink.com/en/security-bulletin"
},
{
"title": "Patch for D-Link DCS-5000L and DCS-932L authorization issue vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/302891"
},
{
"title": "D-link Dcs-932L and D-link Dcs-5000L Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=164768"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94831"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012454"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1686"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Inappropriate authentication (CWE-287) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-012454"
},
{
"db": "NVD",
"id": "CVE-2021-41503"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41503"
},
{
"trust": 1.7,
"url": "https://www.dlink.com/en/security-bulletin/"
},
{
"trust": 1.7,
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10247"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94831"
},
{
"db": "VULMON",
"id": "CVE-2021-41503"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012454"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1686"
},
{
"db": "NVD",
"id": "CVE-2021-41503"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-94831"
},
{
"db": "VULMON",
"id": "CVE-2021-41503"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-012454"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-1686"
},
{
"db": "NVD",
"id": "CVE-2021-41503"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-94831"
},
{
"date": "2021-09-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-41503"
},
{
"date": "2022-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-012454"
},
{
"date": "2021-09-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202109-1686"
},
{
"date": "2021-09-24T20:15:07.373000",
"db": "NVD",
"id": "CVE-2021-41503"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-94831"
},
{
"date": "2021-09-30T00:00:00",
"db": "VULMON",
"id": "CVE-2021-41503"
},
{
"date": "2022-08-31T07:43:00",
"db": "JVNDB",
"id": "JVNDB-2021-012454"
},
{
"date": "2021-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202109-1686"
},
{
"date": "2024-05-17T02:01:13.137000",
"db": "NVD",
"id": "CVE-2021-41503"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202109-1686"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DCS-5000L\u00a0 and \u00a0DCS-932L\u00a0 Authentication vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-012454"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202109-1686"
}
],
"trust": 0.6
}
}
VAR-201704-1588
Vulnerability from variot - Updated: 2023-12-18 13:57D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from any domain. If a victim logged into the camera's web console visits a malicious site hosting a malicious Flash file from another Browser tab, the malicious Flash file then can send requests to the victim's DCS series Camera without knowing the credentials. An attacker can host a malicious Flash file that can retrieve Live Feeds or information from the victim's DCS series Camera, add new admin users, or make other changes to the device. Known affected devices are DCS-933L with firmware before 1.13.05, DCS-5030L, DCS-5020L, DCS-2530L, DCS-2630L, DCS-930L, DCS-932L, and DCS-932LB1. plural D-Link DCS The camera contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. D-LinkDCS-933L is a wireless surveillance camera device from D-Link. There are security holes in several D-LinkDCS cameras. D-Link DCS-933L, etc. The following products are affected: D-Link DCS-5030L; DCS-5020L; DCS-2530L; DCS-2630L;
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1588",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dcs-2330l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.13.00"
},
{
"model": "dcs-5025l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.02.10"
},
{
"model": "dcs-2230l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.03.01"
},
{
"model": "dcs-932l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.13.04"
},
{
"model": "dcs-930l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2.13.15"
},
{
"model": "dcs-6212l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.00.12"
},
{
"model": "dcs-2132l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2.12.00"
},
{
"model": "dcs-2210l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.03.01"
},
{
"model": "dcs-5009l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.07.05"
},
{
"model": "dcs-5010l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.13.05"
},
{
"model": "dcs-932l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2.13.15"
},
{
"model": "dcs-7010l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.08.01"
},
{
"model": "dcs-2332l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.08.01"
},
{
"model": "dcs-2310l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.08.01"
},
{
"model": "dcs-930l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.15.04"
},
{
"model": "dcs-2530l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.00.21"
},
{
"model": "dcs-5030l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.01.06"
},
{
"model": "dcs-2136l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.04.01"
},
{
"model": "dcs-2132l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.08.01"
},
{
"model": "dcs-6010l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.15.01"
},
{
"model": "dcs-5029l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.12.00"
},
{
"model": "dcs-934l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.04.15"
},
{
"model": "dcs-2310l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2.03.00"
},
{
"model": "dcs-933l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.13.05"
},
{
"model": "dcs-7000l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.04.00"
},
{
"model": "dcs-5000l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.02.02"
},
{
"model": "dcs-942l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2.11.03"
},
{
"model": "dcs-931l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.13.05"
},
{
"model": "dcs-942l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.27"
},
{
"model": "dcs-5020l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.13.05"
},
{
"model": "dcs-5222l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2.12.00"
},
{
"model": "dcs-2132l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-2136l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-2210l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-2230l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-2310l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-2330l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-2332l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-2530l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5000l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5009l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5010l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5020l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5025l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5029l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5030l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5222l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-6010l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-6212l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-7000l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-7010l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-930l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-931l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-932l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-933l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-934l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-942l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs",
"scope": "lt",
"trust": 0.6,
"vendor": "d link",
"version": "1.13.05"
},
{
"model": "dcs-933l",
"scope": "lt",
"trust": 0.6,
"vendor": "d link",
"version": "1.13.05"
},
{
"model": "dcs-5030l",
"scope": "lt",
"trust": 0.6,
"vendor": "d link",
"version": "1.13.05"
},
{
"model": "dcs-5020l",
"scope": "lt",
"trust": 0.6,
"vendor": "d link",
"version": "1.13.05"
},
{
"model": "dcs-2530l",
"scope": "lt",
"trust": 0.6,
"vendor": "d link",
"version": "1.13.05"
},
{
"model": "dcs-2630l",
"scope": "lt",
"trust": 0.6,
"vendor": "d link",
"version": "1.13.05"
},
{
"model": "dcs-7000l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1.04.00"
},
{
"model": "dcs-2136l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1.04.01"
},
{
"model": "dcs-5000l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1.02.02"
},
{
"model": "dcs-5029l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1.12.00"
},
{
"model": "dcs-2310l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "2.03.00"
},
{
"model": "dcs-2330l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1.13.00"
},
{
"model": "dcs-2132l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "2.12.00"
},
{
"model": "dcs-2132l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1.08.01"
},
{
"model": "dcs-2210l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1.03.01"
},
{
"model": "dcs-5025l",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1.02.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "dcs 932l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "dcs 942l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "dcs 2310l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "dcs 2132l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "dcs 930l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 2230l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 934l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 931l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 933l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5009l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5010l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5020l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5000l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5025l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5030l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 2210l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 2136l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 7000l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 6212l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5222l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5029l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 2332l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 2330l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 6010l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 7010l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 2530l",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "76b829da-d734-4842-bae5-3dd9ff5f23dc"
},
{
"db": "CNVD",
"id": "CNVD-2017-06729"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003648"
},
{
"db": "NVD",
"id": "CVE-2017-7852"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-783"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-2230l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.03.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2230l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-2310l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.08.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2310l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-2332l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.08.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2332l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-6010l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.15.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-6010l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-7010l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.08.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-7010l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-2530l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.00.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2530l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-930l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.15.04",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-930l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-930l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.13.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-930l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-932l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.13.04",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-932l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-932l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.13.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-932l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-934l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.04.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-934l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-942l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.27",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-942l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-942l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.11.03",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-942l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-931l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.13.05",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-931l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-933l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.13.05",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-933l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5009l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.07.05",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5009l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5010l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.13.05",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5010l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5020l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.13.05",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5020l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5000l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.02.02",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5000l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5025l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.02.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5025l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5030l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.01.06",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5030l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-2210l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.03.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2210l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-2136l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.04.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2136l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-2132l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.08.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2132l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-7000l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.04.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-7000l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-6212l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.00.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-6212l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5029l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.12.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5029l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-2310l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.03.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2310l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-2330l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.13.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2330l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-2132l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.12.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2132l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5222l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.12.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5222l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7852"
}
]
},
"cve": "CVE-2017-7852",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-7852",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-06729",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "76b829da-d734-4842-bae5-3dd9ff5f23dc",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-116055",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-7852",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-7852",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-06729",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-783",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "76b829da-d734-4842-bae5-3dd9ff5f23dc",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116055",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "76b829da-d734-4842-bae5-3dd9ff5f23dc"
},
{
"db": "CNVD",
"id": "CNVD-2017-06729"
},
{
"db": "VULHUB",
"id": "VHN-116055"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003648"
},
{
"db": "NVD",
"id": "CVE-2017-7852"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-783"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device\u0027s settings via a CSRF attack. This is because of the \u0027allow-access-from domain\u0027 child element set to *, thus accepting requests from any domain. If a victim logged into the camera\u0027s web console visits a malicious site hosting a malicious Flash file from another Browser tab, the malicious Flash file then can send requests to the victim\u0027s DCS series Camera without knowing the credentials. An attacker can host a malicious Flash file that can retrieve Live Feeds or information from the victim\u0027s DCS series Camera, add new admin users, or make other changes to the device. Known affected devices are DCS-933L with firmware before 1.13.05, DCS-5030L, DCS-5020L, DCS-2530L, DCS-2630L, DCS-930L, DCS-932L, and DCS-932LB1. plural D-Link DCS The camera contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. D-LinkDCS-933L is a wireless surveillance camera device from D-Link. There are security holes in several D-LinkDCS cameras. D-Link DCS-933L, etc. The following products are affected: D-Link DCS-5030L; DCS-5020L; DCS-2530L; DCS-2630L;",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7852"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003648"
},
{
"db": "CNVD",
"id": "CNVD-2017-06729"
},
{
"db": "IVD",
"id": "76b829da-d734-4842-bae5-3dd9ff5f23dc"
},
{
"db": "VULHUB",
"id": "VHN-116055"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-116055",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116055"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7852",
"trust": 3.3
},
{
"db": "CNNVD",
"id": "CNNVD-201704-783",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-06729",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003648",
"trust": 0.8
},
{
"db": "IVD",
"id": "76B829DA-D734-4842-BAE5-3DD9FF5F23DC",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "42074",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142702",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-116055",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "76b829da-d734-4842-bae5-3dd9ff5f23dc"
},
{
"db": "CNVD",
"id": "CNVD-2017-06729"
},
{
"db": "VULHUB",
"id": "VHN-116055"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003648"
},
{
"db": "NVD",
"id": "CVE-2017-7852"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-783"
}
]
},
"id": "VAR-201704-1588",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "76b829da-d734-4842-bae5-3dd9ff5f23dc"
},
{
"db": "CNVD",
"id": "CNVD-2017-06729"
},
{
"db": "VULHUB",
"id": "VHN-116055"
}
],
"trust": 1.575429490909091
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "76b829da-d734-4842-bae5-3dd9ff5f23dc"
},
{
"db": "CNVD",
"id": "CNVD-2017-06729"
}
]
},
"last_update_date": "2023-12-18T13:57:25.055000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://us.dlink.com/"
},
{
"title": "Patch for D-LinkDCS Cross-site Forgery Request Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/93817"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06729"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003648"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116055"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003648"
},
{
"db": "NVD",
"id": "CVE-2017-7852"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.qualys.com/2017/02/22/qsa-2017-02-22/qsa-2017-02-22.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7852"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7852"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06729"
},
{
"db": "VULHUB",
"id": "VHN-116055"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003648"
},
{
"db": "NVD",
"id": "CVE-2017-7852"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-783"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "76b829da-d734-4842-bae5-3dd9ff5f23dc"
},
{
"db": "CNVD",
"id": "CNVD-2017-06729"
},
{
"db": "VULHUB",
"id": "VHN-116055"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003648"
},
{
"db": "NVD",
"id": "CVE-2017-7852"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-783"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-16T00:00:00",
"db": "IVD",
"id": "76b829da-d734-4842-bae5-3dd9ff5f23dc"
},
{
"date": "2017-05-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06729"
},
{
"date": "2017-04-24T00:00:00",
"db": "VULHUB",
"id": "VHN-116055"
},
{
"date": "2017-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003648"
},
{
"date": "2017-04-24T10:59:00.160000",
"db": "NVD",
"id": "CVE-2017-7852"
},
{
"date": "2017-04-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-783"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06729"
},
{
"date": "2017-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-116055"
},
{
"date": "2017-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003648"
},
{
"date": "2023-04-26T19:27:52.350000",
"db": "NVD",
"id": "CVE-2017-7852"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-783"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-783"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural D-Link DCS Cross-site request forgery vulnerability in camera",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003648"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-783"
}
],
"trust": 0.6
}
}
VAR-201905-1066
Vulnerability from variot - Updated: 2023-12-18 13:47The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable devices include DCS-5009L (1.08.11 and below), DCS-5010L (1.14.09 and below), DCS-5020L (1.15.12 and below), DCS-5025L (1.03.07 and below), DCS-5030L (1.04.10 and below), DCS-930L (2.16.01 and below), DCS-931L (1.14.11 and below), DCS-932L (2.17.01 and below), DCS-933L (1.14.11 and below), and DCS-934L (1.05.04 and below). plural D-Link DCS series Product Wi-Fi camera Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DCS-5009L and so on are all DCS series IP cameras produced by Taiwan D-Link Company. Alphapd in several D-Link products has a stack-based buffer overflow vulnerability. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: D-Link DCS-5009L 1.08.11 and earlier; DCS-5010L 1.14.09 and earlier; DCS-5020L 1.15.12 and earlier; DCS-5025L 1.03.07 and earlier; DCS-5030L 1.04.10 and earlier; DCS-930L 2.16.01 and earlier; DCS-931L 1.14.11 and earlier; DCS-932L 2.17.01 and earlier; DCS-933L 1.14.11 and earlier; DCS-934L 1.05.04 and earlier versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1066",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dcs-930l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2.16.01"
},
{
"model": "dcs-933l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.14.11"
},
{
"model": "dcs-932l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2.17.01"
},
{
"model": "dcs-5009l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.08.11"
},
{
"model": "dcs-5020l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.15.12"
},
{
"model": "dcs-5010l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.14.09"
},
{
"model": "dcs-5025l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.03.07"
},
{
"model": "dcs-5030l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.04.10"
},
{
"model": "dcs-931l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.14.11"
},
{
"model": "dcs-934l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.05.04"
},
{
"model": "dcs-5009l",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "1.08.11"
},
{
"model": "dcs-5010l",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "1.14.09"
},
{
"model": "dcs-5020l",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "1.15.12"
},
{
"model": "dcs-5025l",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "1.03.07"
},
{
"model": "dcs-5030l",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "1.04.10"
},
{
"model": "dcs-930l",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "2.16.01"
},
{
"model": "dcs-931l",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "1.14.11"
},
{
"model": "dcs-932l",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "2.17.01"
},
{
"model": "dcs-933l",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "1.14.11"
},
{
"model": "dcs-934l",
"scope": "lte",
"trust": 0.8,
"vendor": "d link",
"version": "1.05.04"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004361"
},
{
"db": "NVD",
"id": "CVE-2019-10999"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-930l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.16.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-930l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-931l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.14.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-931l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-932l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.17.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-932l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-933l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.14.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-933l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-934l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.05.04",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-934l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5009l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.08.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5009l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5010l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.14.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5010l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5020l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.15.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5020l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5025l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.03.07",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5025l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5030l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.04.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5030l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10999"
}
]
},
"cve": "CVE-2019-10999",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-10999",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-142601",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10999",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-10999",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-138",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-142601",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-10999",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142601"
},
{
"db": "VULMON",
"id": "CVE-2019-10999"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004361"
},
{
"db": "NVD",
"id": "CVE-2019-10999"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-138"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera\u0027s web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable devices include DCS-5009L (1.08.11 and below), DCS-5010L (1.14.09 and below), DCS-5020L (1.15.12 and below), DCS-5025L (1.03.07 and below), DCS-5030L (1.04.10 and below), DCS-930L (2.16.01 and below), DCS-931L (1.14.11 and below), DCS-932L (2.17.01 and below), DCS-933L (1.14.11 and below), and DCS-934L (1.05.04 and below). plural D-Link DCS series Product Wi-Fi camera Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DCS-5009L and so on are all DCS series IP cameras produced by Taiwan D-Link Company. Alphapd in several D-Link products has a stack-based buffer overflow vulnerability. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: D-Link DCS-5009L 1.08.11 and earlier; DCS-5010L 1.14.09 and earlier; DCS-5020L 1.15.12 and earlier; DCS-5025L 1.03.07 and earlier; DCS-5030L 1.04.10 and earlier; DCS-930L 2.16.01 and earlier; DCS-931L 1.14.11 and earlier; DCS-932L 2.17.01 and earlier; DCS-933L 1.14.11 and earlier; DCS-934L 1.05.04 and earlier versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10999"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004361"
},
{
"db": "VULHUB",
"id": "VHN-142601"
},
{
"db": "VULMON",
"id": "CVE-2019-10999"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10999",
"trust": 2.6
},
{
"db": "DLINK",
"id": "SAP10131",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004361",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-138",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-142601",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-10999",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142601"
},
{
"db": "VULMON",
"id": "CVE-2019-10999"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004361"
},
{
"db": "NVD",
"id": "CVE-2019-10999"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-138"
}
]
},
"id": "VAR-201905-1066",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-142601"
}
],
"trust": 0.724516308
},
"last_update_date": "2023-12-18T13:47:55.406000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.dlink.com/en/consumer"
},
{
"title": "CVE-2019-10999",
"trust": 0.1,
"url": "https://github.com/qjh2333/cve-2019-10999 "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000s/poc-in-github "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/khulnasoft-lab/awesome-security "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/poc-in-github "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xt11/cve-poc "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/poc-in-github "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-10999"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004361"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142601"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004361"
},
{
"db": "NVD",
"id": "CVE-2019-10999"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://github.com/fuzzywalls/cve-2019-10999"
},
{
"trust": 1.8,
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10131"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10999"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10999"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/qjh2333/cve-2019-10999"
},
{
"trust": 0.1,
"url": "https://github.com/nomi-sec/poc-in-github"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142601"
},
{
"db": "VULMON",
"id": "CVE-2019-10999"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004361"
},
{
"db": "NVD",
"id": "CVE-2019-10999"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-138"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-142601"
},
{
"db": "VULMON",
"id": "CVE-2019-10999"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004361"
},
{
"db": "NVD",
"id": "CVE-2019-10999"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-138"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-06T00:00:00",
"db": "VULHUB",
"id": "VHN-142601"
},
{
"date": "2019-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10999"
},
{
"date": "2019-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004361"
},
{
"date": "2019-05-06T20:29:01.210000",
"db": "NVD",
"id": "CVE-2019-10999"
},
{
"date": "2019-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-138"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-142601"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10999"
},
{
"date": "2019-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004361"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-10999"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-138"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-138"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural D-Link DCS series Product Wi-Fi camera Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004361"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-138"
}
],
"trust": 0.6
}
}
VAR-201812-0065
Vulnerability from variot - Updated: 2023-12-18 12:56D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: /common/info.cgi, with no authentication. The configuration file include the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings. / Output settings, speaker and sensor settings information, etc. D-Link DCS-936L, etc. The following products are affected: D-Link DCS-936L; DCS-942L; DCS-8000LH; DCS-942LB1; 5222LB1; DCS-5020L, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0065",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dcs-936l",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dcs-942l",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dcs-8000lh",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dcs-942lb1",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5222l",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dcs-825l",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dcs-2630l",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dcs-820l",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dcs-855l",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dcs-2121",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dcs-942lb1",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-820l",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-2121",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-2630l",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-5020l",
"scope": "gte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.00"
},
{
"model": "dcs-8100lh",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-5222l",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-825l",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-933l",
"scope": "gte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.00"
},
{
"model": "dcs-855l",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-5030l",
"scope": "gte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.00"
},
{
"model": "dcs-8000lh",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-936l",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-930l",
"scope": "gte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.00"
},
{
"model": "dcs-2102",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-5222lb1",
"scope": "gte",
"trust": 1.0,
"vendor": "d link",
"version": "1.00"
},
{
"model": "dcs-942l",
"scope": "gte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.00"
},
{
"model": "dcs-932l",
"scope": "gte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.00"
},
{
"model": "dcs-5222lb1",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
},
{
"model": "dcs-5020l",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "dcs 942lb1",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 936l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 2121",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5222lb1",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5020l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 930l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 8100lh",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 932l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 2102",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 933l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5030l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 942l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 8000lh",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 5222l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 825l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 2630l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 820l",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dcs 855l",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d831f62-463f-11e9-8196-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-26797"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014473"
},
{
"db": "NVD",
"id": "CVE-2018-18441"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-936l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-936l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-942l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-942l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-8000lh_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-8000lh:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-942lb1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-942lb1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-5222l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5222l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-825l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-825l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-2630l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2630l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-820l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-820l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-855l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-855l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-2121_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2121:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-5222lb1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5222lb1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5020l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5020l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-930l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-930l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-8100lh_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-8100lh:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-932l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-932l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-2102_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-2102:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dcs-942lb1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-942lb1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-933l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-933l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-5030l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "1.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-5030l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-18441"
}
]
},
"cve": "CVE-2018-18441",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-18441",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-26797",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d831f62-463f-11e9-8196-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-129001",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-18441",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-18441",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-26797",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-968",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d831f62-463f-11e9-8196-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-129001",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d831f62-463f-11e9-8196-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-26797"
},
{
"db": "VULHUB",
"id": "VHN-129001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014473"
},
{
"db": "NVD",
"id": "CVE-2018-18441"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-968"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: \u003cCamera-IP\u003e/common/info.cgi, with no authentication. The configuration file include the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings. / Output settings, speaker and sensor settings information, etc. D-Link DCS-936L, etc. The following products are affected: D-Link DCS-936L; DCS-942L; DCS-8000LH; DCS-942LB1; 5222LB1; DCS-5020L, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-18441"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014473"
},
{
"db": "CNVD",
"id": "CNVD-2018-26797"
},
{
"db": "IVD",
"id": "7d831f62-463f-11e9-8196-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-129001"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-18441",
"trust": 3.3
},
{
"db": "CNNVD",
"id": "CNNVD-201812-968",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-26797",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014473",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D831F62-463F-11E9-8196-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-129001",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d831f62-463f-11e9-8196-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-26797"
},
{
"db": "VULHUB",
"id": "VHN-129001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014473"
},
{
"db": "NVD",
"id": "CVE-2018-18441"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-968"
}
]
},
"id": "VAR-201812-0065",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d831f62-463f-11e9-8196-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-26797"
},
{
"db": "VULHUB",
"id": "VHN-129001"
}
],
"trust": 1.551953117142857
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7d831f62-463f-11e9-8196-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-26797"
}
]
},
"last_update_date": "2023-12-18T12:56:43.141000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.dlink.com/en/consumer"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014473"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014473"
},
{
"db": "NVD",
"id": "CVE-2018-18441"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18441"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18441"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-26797"
},
{
"db": "VULHUB",
"id": "VHN-129001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014473"
},
{
"db": "NVD",
"id": "CVE-2018-18441"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-968"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d831f62-463f-11e9-8196-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-26797"
},
{
"db": "VULHUB",
"id": "VHN-129001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014473"
},
{
"db": "NVD",
"id": "CVE-2018-18441"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-968"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-28T00:00:00",
"db": "IVD",
"id": "7d831f62-463f-11e9-8196-000c29342cb1"
},
{
"date": "2018-12-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-26797"
},
{
"date": "2018-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-129001"
},
{
"date": "2019-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014473"
},
{
"date": "2018-12-20T23:29:00.707000",
"db": "NVD",
"id": "CVE-2018-18441"
},
{
"date": "2018-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-968"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-26797"
},
{
"date": "2019-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-129001"
},
{
"date": "2019-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014473"
},
{
"date": "2023-04-26T19:27:52.350000",
"db": "NVD",
"id": "CVE-2018-18441"
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-968"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-968"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural D-Link DCS series Product Wi-Fi Information disclosure vulnerability in cameras",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014473"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-968"
}
],
"trust": 0.6
}
}
VAR-201212-0024
Vulnerability from variot - Updated: 2023-12-18 12:45The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value. D-Link DCS-932L Cloud Camera is a home infrared wireless network camera cloud camera. D-Link DCS-932L Cloud Camera has an error when processing UDP requests for device passwords. D-Link DCS-932L is prone to an information-disclosure vulnerability. D-Link DCS-932L 1.02 is vulnerable; other versions may also be affected.
CVE-2012-4046
Details: http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046 . ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: D-Link DCS-932L Password Request Handling Security Issue
SECUNIA ADVISORY ID: SA51610
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51610/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51610
RELEASE DATE: 2012-12-20
DISCUSS ADVISORY: http://secunia.com/advisories/51610/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51610/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51610
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Jason Doyle has reported a security issue in D-Link DCS-932L, which can be exploited by malicious people to gain knowledge of sensitive information.
The vulnerability is reported in firmware version 1.02.
SOLUTION: No official solution is currently available.
PROVIDED AND/OR DISCOVERED BY: Jason Doyle
ORIGINAL ADVISORY: http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201212-0024",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dcs-932l",
"scope": "eq",
"trust": 1.4,
"vendor": "d link",
"version": "1.02"
},
{
"model": "dcs-932l",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "dcs-932l",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "1.02"
},
{
"model": "dcs-932l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dcs-932l cloud camera",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1100"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7615"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005793"
},
{
"db": "NVD",
"id": "CVE-2012-4046"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dlink:dcs-932l_firmware:1.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dcs-932l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4046"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jason Doyle",
"sources": [
{
"db": "BID",
"id": "57011"
},
{
"db": "PACKETSTORM",
"id": "118850"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
],
"trust": 1.0
},
"cve": "CVE-2012-4046",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-4046",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-57327",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-4046",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201212-301",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-57327",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57327"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005793"
},
{
"db": "NVD",
"id": "CVE-2012-4046"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR[\"P\"] value. D-Link DCS-932L Cloud Camera is a home infrared wireless network camera cloud camera. D-Link DCS-932L Cloud Camera has an error when processing UDP requests for device passwords. D-Link DCS-932L is prone to an information-disclosure vulnerability. \nD-Link DCS-932L 1.02 is vulnerable; other versions may also be affected. \n\nCVE-2012-4046\n\nDetails:\nhttp://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nD-Link DCS-932L Password Request Handling Security Issue\n\nSECUNIA ADVISORY ID:\nSA51610\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51610/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51610\n\nRELEASE DATE:\n2012-12-20\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51610/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51610/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51610\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nJason Doyle has reported a security issue in D-Link DCS-932L, which\ncan be exploited by malicious people to gain knowledge of sensitive\ninformation. \n\nThe vulnerability is reported in firmware version 1.02. \n\nSOLUTION:\nNo official solution is currently available. \n\nPROVIDED AND/OR DISCOVERED BY:\nJason Doyle\n\nORIGINAL ADVISORY:\nhttp://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4046"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005793"
},
{
"db": "CNVD",
"id": "CNVD-2012-7615"
},
{
"db": "BID",
"id": "57011"
},
{
"db": "VULHUB",
"id": "VHN-57327"
},
{
"db": "PACKETSTORM",
"id": "118850"
},
{
"db": "PACKETSTORM",
"id": "118979"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-57327",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57327"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4046",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "51610",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005793",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201212-301",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2012-7615",
"trust": 0.6
},
{
"db": "BID",
"id": "57011",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "118850",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-60527",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-57327",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118979",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7615"
},
{
"db": "VULHUB",
"id": "VHN-57327"
},
{
"db": "BID",
"id": "57011"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005793"
},
{
"db": "PACKETSTORM",
"id": "118850"
},
{
"db": "PACKETSTORM",
"id": "118979"
},
{
"db": "NVD",
"id": "CVE-2012-4046"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
]
},
"id": "VAR-201212-0024",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7615"
},
{
"db": "VULHUB",
"id": "VHN-57327"
}
],
"trust": 1.5076923199999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7615"
}
]
},
"last_update_date": "2023-12-18T12:45:35.399000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DCS-932L",
"trust": 0.8,
"url": "http://mydlink.dlink.com/products/dcs-932l"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005793"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57327"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005793"
},
{
"db": "NVD",
"id": "CVE-2012-4046"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046"
},
{
"trust": 1.7,
"url": "http://seclists.org/bugtraq/2012/dec/98"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4046"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4046"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51610/http"
},
{
"trust": 0.3,
"url": "http://www.dlink.com/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4046"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51610/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51610"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51610/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7615"
},
{
"db": "VULHUB",
"id": "VHN-57327"
},
{
"db": "BID",
"id": "57011"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005793"
},
{
"db": "PACKETSTORM",
"id": "118850"
},
{
"db": "PACKETSTORM",
"id": "118979"
},
{
"db": "NVD",
"id": "CVE-2012-4046"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-7615"
},
{
"db": "VULHUB",
"id": "VHN-57327"
},
{
"db": "BID",
"id": "57011"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005793"
},
{
"db": "PACKETSTORM",
"id": "118850"
},
{
"db": "PACKETSTORM",
"id": "118979"
},
{
"db": "NVD",
"id": "CVE-2012-4046"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-12-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-7615"
},
{
"date": "2012-12-24T00:00:00",
"db": "VULHUB",
"id": "VHN-57327"
},
{
"date": "2012-12-20T00:00:00",
"db": "BID",
"id": "57011"
},
{
"date": "2012-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005793"
},
{
"date": "2012-12-14T17:22:22",
"db": "PACKETSTORM",
"id": "118850"
},
{
"date": "2012-12-21T08:02:15",
"db": "PACKETSTORM",
"id": "118979"
},
{
"date": "2012-12-24T18:55:02.040000",
"db": "NVD",
"id": "CVE-2012-4046"
},
{
"date": "2012-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-12-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-7615"
},
{
"date": "2015-03-18T00:00:00",
"db": "VULHUB",
"id": "VHN-57327"
},
{
"date": "2012-12-20T00:00:00",
"db": "BID",
"id": "57011"
},
{
"date": "2012-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005793"
},
{
"date": "2023-04-26T19:27:52.350000",
"db": "NVD",
"id": "CVE-2012-4046"
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DCS-932L Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7615"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201212-301"
}
],
"trust": 0.6
}
}
FKIE_CVE-2012-4046
Vulnerability from fkie_nvd - Published: 2012-12-24 18:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dcs-932l_firmware | 1.02 | |
| dlink | dcs-932l | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-932l_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "556DF6A7-A36E-45BE-B9C3-36957274DEDF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-932l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34775D9A-F16B-43C5-A8F4-88C0F9760364",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR[\"P\"] value."
},
{
"lang": "es",
"value": "La c\u00e1mara D-Link DCS-932L con firmware v1.02 permite a atacantes remotos descubrir la contrase\u00f1a a trav\u00e9s de un paquete de difusi\u00f3n UDP, tal y como se demuestra mediante la ejecuci\u00f3n del Asistente para Configuraci\u00f3n de D-Link y la lectura posterior del valor de _paramR [\"P\"].\r\n"
}
],
"id": "CVE-2012-4046",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-24T18:55:02.040",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/bugtraq/2012/Dec/98"
},
{
"source": "cve@mitre.org",
"url": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/bugtraq/2012/Dec/98"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-4046 (GCVE-0-2012-4046)
Vulnerability from cvelistv5 – Published: 2012-12-24 18:00 – Updated: 2024-09-17 03:13
VLAI?
Summary
The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046"
},
{
"name": "20121213 Password Disclosure in D-Link IP Cameras (CVE-2012-4046)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2012/Dec/98"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR[\"P\"] value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-12-24T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046"
},
{
"name": "20121213 Password Disclosure in D-Link IP Cameras (CVE-2012-4046)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2012/Dec/98"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR[\"P\"] value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046",
"refsource": "MISC",
"url": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046"
},
{
"name": "20121213 Password Disclosure in D-Link IP Cameras (CVE-2012-4046)",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2012/Dec/98"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4046",
"datePublished": "2012-12-24T18:00:00Z",
"dateReserved": "2012-07-23T00:00:00Z",
"dateUpdated": "2024-09-17T03:13:29.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4046 (GCVE-0-2012-4046)
Vulnerability from nvd – Published: 2012-12-24 18:00 – Updated: 2024-09-17 03:13
VLAI?
Summary
The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046"
},
{
"name": "20121213 Password Disclosure in D-Link IP Cameras (CVE-2012-4046)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2012/Dec/98"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR[\"P\"] value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-12-24T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046"
},
{
"name": "20121213 Password Disclosure in D-Link IP Cameras (CVE-2012-4046)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2012/Dec/98"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR[\"P\"] value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046",
"refsource": "MISC",
"url": "http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046"
},
{
"name": "20121213 Password Disclosure in D-Link IP Cameras (CVE-2012-4046)",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2012/Dec/98"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4046",
"datePublished": "2012-12-24T18:00:00Z",
"dateReserved": "2012-07-23T00:00:00Z",
"dateUpdated": "2024-09-17T03:13:29.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}