|
248131
|
9.8 |
CRITICAL
Network
|
dlink
|
dcs-1130_firmware
dcs-1100_firmware
|
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function gets…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-8415
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248132
|
8.8 |
HIGH
Adjacent
|
dlink
|
dcs-1130_firmware
dcs-1100_firmware
|
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon on UDP port 5978 which is called "dldps2121" and listens for broadcast packets sent on 255.255.255.255…
|
CWE-77
Command Injection
|
CVE-2017-8413
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248133
|
8.8 |
HIGH
Adjacent
|
dlink
|
dcs-1130_firmware
dcs-1100_firmware
|
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. It seems that this binary dumps the HTTP VERB in the syst…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8412
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248134
|
9.8 |
CRITICAL
Network
|
dlink
|
dcs-1100_firmware
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary perfo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8410
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248135
|
8.8 |
HIGH
Network
|
dlink
|
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows an hosted flash file on any domain to …
|
CWE-352
Origin Validation Error
|
CVE-2017-8406
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248136
|
7.5 |
HIGH
Network
|
dlink
|
dcs-1100_firmware
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary loads…
|
CWE-287
Improper Authentication
|
CVE-2017-8405
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248137
|
8.8 |
HIGH
Network
|
dlink
|
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST param…
|
CWE-77
Command Injection
|
CVE-2017-8411
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248138
|
8.8 |
HIGH
Network
|
dlink
|
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device d…
|
CWE-352
Origin Validation Error
|
CVE-2017-8407
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248139
|
9.8 |
CRITICAL
Network
|
dlink
|
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST param…
|
CWE-77
Command Injection
|
CVE-2017-8404
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248140
|
9.8 |
CRITICAL
Network
|
dlink
|
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parame…
|
CWE-77
Command Injection
|
CVE-2017-8408
|
2024-11-21 12:33 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
