CVE-2025-5215
- EPSS 0.14%
- Veröffentlicht 27.05.2025 00:15:32
- Zuletzt bearbeitet 05.06.2025 15:59:44
A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. This affects the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the argument Authorization leads to stack-based buffer overflow. It is possible...
CVE-2019-10999
- EPSS 35.8%
- Veröffentlicht 06.05.2019 20:29:01
- Zuletzt bearbeitet 21.11.2024 04:20:19
The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption paramet...
CVE-2018-18441
- EPSS 1.52%
- Veröffentlicht 20.12.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:56
D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L,...
CVE-2017-17020
- EPSS 6.96%
- Veröffentlicht 01.05.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:17:21
On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server...
CVE-2017-7852
- EPSS 1%
- Veröffentlicht 24.04.2017 10:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, ...