CVE-2019-10999
- EPSS 35.8%
- Veröffentlicht 06.05.2019 20:29:01
- Zuletzt bearbeitet 21.11.2024 04:20:19
The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption paramet...
CVE-2018-18441
- EPSS 0.49%
- Veröffentlicht 20.12.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:56
D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L,...
CVE-2017-7852
- EPSS 0.5%
- Veröffentlicht 24.04.2017 10:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, ...
CVE-2012-4046
- EPSS 0.05%
- Veröffentlicht 24.12.2012 18:55:02
- Zuletzt bearbeitet 29.04.2026 01:13:23
The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value.