|
247941
|
7.8 |
HIGH
Local
|
dlink
|
dcs-1100_firmware
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary orthrus in /sbin folder of the device handles all the UPnP connections received by the device. It seems that the binary per…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8414
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247942
|
7.5 |
HIGH
Network
|
dlink
|
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to the device to provide a username and password. However, the device does not enforce the same restriction…
|
CWE-285
Improper Authorization
|
CVE-2017-8409
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247943
|
9.8 |
CRITICAL
Network
|
dlink
|
dcs-1130_firmware
dcs-1100_firmware
|
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function gets…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-8415
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247944
|
8.8 |
HIGH
Adjacent
|
dlink
|
dcs-1130_firmware
dcs-1100_firmware
|
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon on UDP port 5978 which is called "dldps2121" and listens for broadcast packets sent on 255.255.255.255…
|
CWE-77
Command Injection
|
CVE-2017-8413
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247945
|
8.8 |
HIGH
Adjacent
|
dlink
|
dcs-1130_firmware
dcs-1100_firmware
|
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. It seems that this binary dumps the HTTP VERB in the syst…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8412
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247946
|
9.8 |
CRITICAL
Network
|
dlink
|
dcs-1100_firmware
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary perfo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8410
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247947
|
8.8 |
HIGH
Network
|
dlink
|
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows an hosted flash file on any domain to …
|
CWE-352
Origin Validation Error
|
CVE-2017-8406
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247948
|
7.5 |
HIGH
Network
|
dlink
|
dcs-1100_firmware
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary loads…
|
CWE-287
Improper Authentication
|
CVE-2017-8405
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247949
|
8.8 |
HIGH
Network
|
dlink
|
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST param…
|
CWE-77
Command Injection
|
CVE-2017-8411
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247950
|
8.8 |
HIGH
Network
|
dlink
|
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device d…
|
CWE-352
Origin Validation Error
|
CVE-2017-8407
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
