CVE-2019-10999
- EPSS 35.8%
- Published 06.05.2019 20:29:01
- Last modified 21.11.2024 04:20:19
The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption paramet...
CVE-2018-18441
- EPSS 1.52%
- Published 20.12.2018 23:29:00
- Last modified 21.11.2024 03:55:56
D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L,...
CVE-2017-7852
- EPSS 1%
- Published 24.04.2017 10:59:00
- Last modified 20.04.2025 01:37:25
D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, ...