Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink dcs-1130 firmware - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-8404
An issue exists on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request (to test if email credentials and hostname sent to the devic...
Dlink Dcs-1130 Firmware -
8.8
CVSSv3
CVE-2017-8406
An issue exists on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows an hosted flash file on any domain to make calls to the device's webserver and pull any information that is stored on the ...
Dlink Dcs-1130 Firmware -
8.8
CVSSv3
CVE-2017-8407
An issue exists on D-Link DCS-1130 devices. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross-site request forgery protection mechanism which allows an mal...
Dlink Dcs-1130 Firmware -
9.8
CVSSv3
CVE-2017-8408
An issue exists on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request (to test if SMB credentials and hostname sent to the device w...
Dlink Dcs-1130 Firmware -
7.5
CVSSv3
CVE-2017-8409
An issue exists on D-Link DCS-1130 devices. The device requires that a user logging to the device to provide a username and password. However, the device does not enforce the same restriction on a specific URL thereby allowing any attacker in possession of that to view the live v...
Dlink Dcs-1130 Firmware -
8.8
CVSSv3
CVE-2017-8411
An issue exists on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request (to test if email credentials and hostname sent to the devic...
Dlink Dcs-1130 Firmware -
7.5
CVSSv3
CVE-2017-8405
An issue exists on D-Link DCS-1130 and DCS-1100 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary loads at address 0x00012CF4 a flag called "Authenticate" that indicates whether a us...
Dlink Dcs-1100 Firmware -
Dlink Dcs-1130 Firmware -
9.8
CVSSv3
CVE-2017-8410
An issue exists on D-Link DCS-1100 and DCS-1130 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary performs a memcpy operation at address 0x00011E34 with the value sent in the "Authorizati...
Dlink Dcs-1100 Firmware -
Dlink Dcs-1130 Firmware -
8.8
CVSSv3
CVE-2017-8412
An issue exists on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. It seems that this binary dumps the HTTP VERB in the system logs. As a part of doing that it retrieves the HTTP VERB sent by the user and uses a v...
Dlink Dcs-1130 Firmware -
Dlink Dcs-1100 Firmware -
8.8
CVSSv3
CVE-2017-8413
An issue exists on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon on UDP port 5978 which is called "dldps2121" and listens for broadcast packets sent on 255.255.255.255. This daemon handles custom D-Link UDP based protocol that allows D-Link mobil...
Dlink Dcs-1130 Firmware -
Dlink Dcs-1100 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »