Vulnerabilites related to dlink - dcs-2102_firmware
cve-2013-1601
Vulnerability from cvelistv5
Published
2020-01-28 20:50
Modified
2024-08-06 15:04
Severity ?
EPSS score ?
Summary
An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/59570 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/83939 | x_refsource_MISC | |
| https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities | x_refsource_MISC | |
| https://packetstormsecurity.com/files/cve/CVE-2013-1601 | x_refsource_MISC | |
| https://vuldb.com/?id.8573 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59570"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83939"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1601"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.8573"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-28T20:50:37",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/59570"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83939"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1601"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.8573"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/59570",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/59570"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83939",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83939"
},
{
"name": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"name": "https://packetstormsecurity.com/files/cve/CVE-2013-1601",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1601"
},
{
"name": "https://vuldb.com/?id.8573",
"refsource": "MISC",
"url": "https://vuldb.com/?id.8573"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1601",
"datePublished": "2020-01-28T20:50:37",
"dateReserved": "2013-02-04T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1602
Vulnerability from cvelistv5
Published
2020-01-28 21:13
Modified
2024-08-06 15:04
Severity ?
EPSS score ?
Summary
An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/59569 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/83942 | x_refsource_MISC | |
| https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities | x_refsource_MISC | |
| https://packetstormsecurity.com/files/cve/CVE-2013-1602 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59569"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83942"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1602"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-28T21:13:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/59569"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83942"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1602"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1602",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/59569",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/59569"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83942",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83942"
},
{
"name": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"name": "https://packetstormsecurity.com/files/cve/CVE-2013-1602",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1602"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1602",
"datePublished": "2020-01-28T21:13:06",
"dateReserved": "2013-02-04T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1599
Vulnerability from cvelistv5
Published
2020-01-28 19:54
Modified
2024-08-06 15:04
Severity ?
EPSS score ?
Summary
A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/59564 | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/25138 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/83941 | x_refsource_MISC | |
| https://packetstormsecurity.com/files/cve/CVE-2013-1599 | x_refsource_MISC | |
| https://seclists.org/fulldisclosure/2013/Apr/253 | mailing-list, x_refsource_FULLDISC | |
| https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59564"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/25138"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83941"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1599"
},
{
"name": "CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2013/Apr/253"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera\u2019s web interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-28T19:54:43",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/59564"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/25138"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83941"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1599"
},
{
"name": "CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "https://seclists.org/fulldisclosure/2013/Apr/253"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1599",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera\u2019s web interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/59564",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/59564"
},
{
"name": "http://www.exploit-db.com/exploits/25138",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/25138"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83941",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83941"
},
{
"name": "https://packetstormsecurity.com/files/cve/CVE-2013-1599",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1599"
},
{
"name": "CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "https://seclists.org/fulldisclosure/2013/Apr/253"
},
{
"name": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1599",
"datePublished": "2020-01-28T19:54:43",
"dateReserved": "2013-02-04T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1600
Vulnerability from cvelistv5
Published
2020-01-28 20:19
Modified
2024-08-06 15:04
Severity ?
EPSS score ?
Summary
An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. 1.06, and 1.05_RU, which could let a malicious user obtain sensitive information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/59566 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/83916 | x_refsource_MISC | |
| https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities | x_refsource_MISC | |
| https://packetstormsecurity.com/files/cve/CVE-2013-1600 | x_refsource_MISC | |
| https://vuldb.com/?id.8572 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59566"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83916"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1600"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.8572"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. 1.06, and 1.05_RU, which could let a malicious user obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-28T20:19:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/59566"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83916"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1600"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.8572"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. 1.06, and 1.05_RU, which could let a malicious user obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/59566",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/59566"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83916",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83916"
},
{
"name": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"name": "https://packetstormsecurity.com/files/cve/CVE-2013-1600",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1600"
},
{
"name": "https://vuldb.com/?id.8572",
"refsource": "MISC",
"url": "https://vuldb.com/?id.8572"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1600",
"datePublished": "2020-01-28T20:19:22",
"dateReserved": "2013-02-04T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1603
Vulnerability from cvelistv5
Published
2020-01-28 21:28
Modified
2024-08-06 15:04
Severity ?
EPSS score ?
Summary
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/59571 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/83940 | x_refsource_MISC | |
| https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities | x_refsource_MISC | |
| https://vuldb.com/?id.8575 | x_refsource_MISC | |
| https://packetstormsecurity.com/files/cve/CVE-2013-1603 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59571"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83940"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.8575"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1603"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-28T21:28:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/59571"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83940"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.8575"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1603"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/59571",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/59571"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83940",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83940"
},
{
"name": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"name": "https://vuldb.com/?id.8575",
"refsource": "MISC",
"url": "https://vuldb.com/?id.8575"
},
{
"name": "https://packetstormsecurity.com/files/cve/CVE-2013-1603",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1603"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1603",
"datePublished": "2020-01-28T21:28:28",
"dateReserved": "2013-02-04T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-01-28 21:15
Modified
2024-11-21 01:49
Severity ?
Summary
An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. 1.06, and 1.05_RU, which could let a malicious user obtain sensitive information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dcs-2102_firmware | 1.05 | |
| dlink | dcs-2102_firmware | 1.06 | |
| dlink | dcs-2102 | - | |
| dlink | dcs-2121_firmware | 1.05 | |
| dlink | dcs-2121_firmware | 1.06 | |
| dlink | dcs-2121 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-2102_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "28CE404D-2DFF-4203-8954-FA579EF5924B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-2102_firmware:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "309BB5E5-5664-447B-B2C0-DCE54B0FDC2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78CD04CA-964A-4D74-B30E-7DC53E1858B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-2121_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "C3435DC0-44C2-440D-9C56-39EC06782BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-2121_firmware:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "631443E3-859B-439D-879E-C342B514BF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-2121:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1DE485-2705-4394-BC93-0BE99FE02F12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. 1.06, and 1.05_RU, which could let a malicious user obtain sensitive information."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en el archivo upnp/asf-mp4.asf cuando se transmite video en vivo en D-Link TESCO DCS-2121 versi\u00f3n 1.05_TESCO, TESCO DCS-2102 versi\u00f3n 1.05_TESCO, DCS-2121 versiones 1.06_FR, 1.06 y 1.05_RU, DCS-2102 versiones 1.06_FR, 1.06 y 1.05_RU, lo que podr\u00eda permitir a un usuario malicioso obtener informaci\u00f3n confidencial."
}
],
"id": "CVE-2013-1600",
"lastModified": "2024-11-21T01:49:58.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-28T21:15:11.247",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/59566"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83916"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1600"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.8572"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/59566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.8572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-28 22:15
Modified
2024-11-21 01:49
Severity ?
Summary
An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/59569 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/83942 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://packetstormsecurity.com/files/cve/CVE-2013-1602 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/59569 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/83942 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://packetstormsecurity.com/files/cve/CVE-2013-1602 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dcs-3411_firmware | 1.02 | |
| dlink | dcs-3411 | - | |
| dlink | dcs-3430_firmware | 1.02 | |
| dlink | dcs-3430 | - | |
| dlink | dcs-5605_firmware | 1.01 | |
| dlink | dcs-5605 | - | |
| dlink | dcs-5635_firmware | 1.01 | |
| dlink | dcs-5635 | - | |
| dlink | dcs-1100l_firmware | 1.04 | |
| dlink | dcs-1100l | - | |
| dlink | dcs-1130l_firmware | 1.04 | |
| dlink | dcs-1130l | - | |
| dlink | dcs-1100_firmware | 1.03 | |
| dlink | dcs-1100_firmware | 1.04 | |
| dlink | dcs-1100 | - | |
| dlink | dcs-1130_firmware | 1.03 | |
| dlink | dcs-1130_firmware | 1.04 | |
| dlink | dcs-1130 | - | |
| dlink | dcs-2102_firmware | 1.05 | |
| dlink | dcs-2102_firmware | 1.06 | |
| dlink | dcs-2102 | - | |
| dlink | dcs-2121_firmware | 1.05 | |
| dlink | dcs-2121_firmware | 1.06 | |
| dlink | dcs-2121 | - | |
| dlink | dcs-3410_firmware | 1.02 | |
| dlink | dcs-3410 | - | |
| dlink | dcs-5230_firmware | 1.02 | |
| dlink | dcs-5230 | - | |
| dlink | dcs-5230l_firmware | 1.02 | |
| dlink | dcs-5230l | - | |
| dlink | dcs-6410_firmware | 1.00 | |
| dlink | dcs-6410 | - | |
| dlink | dcs-7410_firmware | 1.00 | |
| dlink | dcs-7410 | - | |
| dlink | dcs-7510_firmware | 1.00 | |
| dlink | dcs-7510 | - | |
| dlink | wcs-1100_firmware | 1.00 | |
| dlink | wcs-1100 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3411_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4F54E-78BD-4963-88C0-6B6F9D751C4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3411:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0A639C-EC97-4CF6-B853-B9CE3EEDF399",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3430_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "3595919A-23A4-42D7-BC22-9AA3E5F196E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0337488F-E15D-497E-855F-7719D4809433",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5605_firmware:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "0C400977-3E3C-4010-8EFE-75F30180FF22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B92CB5D-CD8E-4768-91CE-C3497C8EA58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5635_firmware:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "76933BB0-E0C2-4F81-9B28-879EDAC49302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFFD6C7-9379-4197-B447-1C755E6636AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1100l_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FD5F42-72DD-47F4-ABDD-E0E4D0D1754A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1100l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70D1E7AB-C4EA-4B97-B788-944244777CFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1130l_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1B09CDBD-7DC9-4E4C-9FD6-3500C56D0B3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1130l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DF5842-F02E-4076-9B26-A3CC1EEBC94E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1100_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "5A26476D-57A8-481C-80CB-80CC238F083A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-1100_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "AD48A2EC-52EB-4C4B-B1ED-EC87822EDF5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704F9608-72CE-49C0-B7D2-F2FE84DF0C74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1130_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A39F0C-8E3B-41AA-8E1D-E2DABB0A4CCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-1130_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9B1618-9862-470A-AA4D-02A779B314A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33A388EC-275D-4180-83E2-AD73F7EEB54F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-2102_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "28CE404D-2DFF-4203-8954-FA579EF5924B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-2102_firmware:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "309BB5E5-5664-447B-B2C0-DCE54B0FDC2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78CD04CA-964A-4D74-B30E-7DC53E1858B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-2121_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "C3435DC0-44C2-440D-9C56-39EC06782BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-2121_firmware:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "631443E3-859B-439D-879E-C342B514BF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-2121:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1DE485-2705-4394-BC93-0BE99FE02F12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3410_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "1DC3F994-76E7-487C-A144-FC6C5AFDC5D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4558EBD8-5FB0-487B-88E6-17E76B2B68BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5230_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "117E4B04-541F-4398-B644-959329FF45E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A17CC0BD-D224-4A30-A8CF-07E469F4BFA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5230l_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5265C1F6-0246-4AF4-B348-86D3F8C95C0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5230l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94FFCE95-2A81-465F-B4EB-3B1BD687D87F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-6410_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "2915F59C-512F-44B7-BB67-B699B622C055",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-6410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "994CFC4C-7EC2-450A-9E05-940EE3CBA9D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-7410_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDC8CC0-F1B5-4EA4-A822-50FA02476365",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-7410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC168D7-AFFD-44A9-8CB7-29E1EDF0849A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-7510_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4466E781-46D0-4A55-9136-3842E93C228A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-7510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF686286-DFA4-49CE-BF64-D6BA849FDCD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:wcs-1100_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "113F0277-63F1-4623-B668-88865ADFAD83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:wcs-1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D06ED3F1-B59E-447F-B4E6-D95FB834A6C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n debido a una comprobaci\u00f3n insuficiente de las cookies de autenticaci\u00f3n para la sesi\u00f3n RTSP en D-Link DCS-5635 versi\u00f3n 1.01, DCS-1100L versi\u00f3n 1.04, DCS-1130L versi\u00f3n 1.04, DCS-1100 versiones 1.03/1.04_US, DCS-1130 versiones 1.03/1.04_US , DCS-2102 versiones 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 versiones 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 versi\u00f3n 1.02, DCS-5230 versi\u00f3n 1.02, DCS-5230L versi\u00f3n 1.02, DCS-6410 versi\u00f3n 1.0, DCS-7410 versi\u00f3n 1.0, DCS-7510 versi\u00f3n 1.0 y WCS-1100 versi\u00f3n 1.02, lo que podr\u00eda permitir a un usuario malicioso obtener acceso no autorizado a transmisiones de video."
}
],
"id": "CVE-2013-1602",
"lastModified": "2024-11-21T01:49:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-28T22:15:10.840",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/59569"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83942"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1602"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/59569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-28 20:15
Modified
2024-11-21 01:49
Severity ?
Summary
A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dcs-3411_firmware | 1.02 | |
| dlink | dcs-3411 | - | |
| dlink | dcs-3430_firmware | 1.02 | |
| dlink | dcs-3430 | - | |
| dlink | dcs-5605_firmware | 1.01 | |
| dlink | dcs-5605 | - | |
| dlink | dcs-5635_firmware | 1.01 | |
| dlink | dcs-5635 | - | |
| dlink | dcs-1100l_firmware | 1.04 | |
| dlink | dcs-1100l | - | |
| dlink | dcs-1130l_firmware | 1.04 | |
| dlink | dcs-1130l | - | |
| dlink | dcs-1100_firmware | 1.03 | |
| dlink | dcs-1100_firmware | 1.04 | |
| dlink | dcs-1100 | - | |
| dlink | dcs-1130_firmware | 1.03 | |
| dlink | dcs-1130_firmware | 1.04 | |
| dlink | dcs-1130 | - | |
| dlink | dcs-2102_firmware | 1.05 | |
| dlink | dcs-2102 | - | |
| dlink | dcs-2121_firmware | 1.05 | |
| dlink | dcs-2121 | - | |
| dlink | dcs-3410_firmware | 1.02 | |
| dlink | dcs-3410 | - | |
| dlink | dcs-5230_firmware | 1.02 | |
| dlink | dcs-5230 | - | |
| dlink | dcs-5230l_firmware | 1.02 | |
| dlink | dcs-5230l | - | |
| dlink | dcs-6410_firmware | 1.00 | |
| dlink | dcs-6410 | - | |
| dlink | dcs-7410_firmware | 1.00 | |
| dlink | dcs-7410 | - | |
| dlink | dcs-7510_firmware | 1.00 | |
| dlink | dcs-7510 | - | |
| dlink | wcs-1100_firmware | 1.00 | |
| dlink | wcs-1100 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3411_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4F54E-78BD-4963-88C0-6B6F9D751C4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3411:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0A639C-EC97-4CF6-B853-B9CE3EEDF399",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3430_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "3595919A-23A4-42D7-BC22-9AA3E5F196E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0337488F-E15D-497E-855F-7719D4809433",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5605_firmware:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "0C400977-3E3C-4010-8EFE-75F30180FF22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B92CB5D-CD8E-4768-91CE-C3497C8EA58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5635_firmware:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "76933BB0-E0C2-4F81-9B28-879EDAC49302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFFD6C7-9379-4197-B447-1C755E6636AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1100l_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FD5F42-72DD-47F4-ABDD-E0E4D0D1754A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1100l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70D1E7AB-C4EA-4B97-B788-944244777CFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1130l_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1B09CDBD-7DC9-4E4C-9FD6-3500C56D0B3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1130l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DF5842-F02E-4076-9B26-A3CC1EEBC94E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1100_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "5A26476D-57A8-481C-80CB-80CC238F083A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-1100_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "AD48A2EC-52EB-4C4B-B1ED-EC87822EDF5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704F9608-72CE-49C0-B7D2-F2FE84DF0C74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1130_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A39F0C-8E3B-41AA-8E1D-E2DABB0A4CCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-1130_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9B1618-9862-470A-AA4D-02A779B314A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33A388EC-275D-4180-83E2-AD73F7EEB54F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-2102_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "28CE404D-2DFF-4203-8954-FA579EF5924B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78CD04CA-964A-4D74-B30E-7DC53E1858B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-2121_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "C3435DC0-44C2-440D-9C56-39EC06782BBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-2121:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1DE485-2705-4394-BC93-0BE99FE02F12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3410_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "1DC3F994-76E7-487C-A144-FC6C5AFDC5D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4558EBD8-5FB0-487B-88E6-17E76B2B68BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5230_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "117E4B04-541F-4398-B644-959329FF45E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A17CC0BD-D224-4A30-A8CF-07E469F4BFA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5230l_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5265C1F6-0246-4AF4-B348-86D3F8C95C0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5230l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94FFCE95-2A81-465F-B4EB-3B1BD687D87F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-6410_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "2915F59C-512F-44B7-BB67-B699B622C055",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-6410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "994CFC4C-7EC2-450A-9E05-940EE3CBA9D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-7410_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDC8CC0-F1B5-4EA4-A822-50FA02476365",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-7410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC168D7-AFFD-44A9-8CB7-29E1EDF0849A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-7510_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4466E781-46D0-4A55-9136-3842E93C228A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-7510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF686286-DFA4-49CE-BF64-D6BA849FDCD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:wcs-1100_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "113F0277-63F1-4623-B668-88865ADFAD83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:wcs-1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D06ED3F1-B59E-447F-B4E6-D95FB834A6C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera\u2019s web interface."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en el script /var/www/cgi-bin/rtpd.cgi en las c\u00e1maras IP D-Link DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L / 1130L 1.04, DCS- 1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00 y WCS-1100 1.02, que podr\u00eda permitir a un usuario malintencionado remoto ejecutar comandos arbitrarios a trav\u00e9s de la interfaz web de la c\u00e1mara."
}
],
"id": "CVE-2013-1599",
"lastModified": "2024-11-21T01:49:57.980",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-28T20:15:11.587",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/25138"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/59564"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83941"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1599"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2013/Apr/253"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/25138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/59564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2013/Apr/253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-28 21:15
Modified
2024-11-21 01:49
Severity ?
Summary
An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dcs-3411_firmware | 1.02 | |
| dlink | dcs-3411 | - | |
| dlink | dcs-3430_firmware | 1.02 | |
| dlink | dcs-3430 | - | |
| dlink | dcs-5605_firmware | 1.01 | |
| dlink | dcs-5605 | - | |
| dlink | dcs-5635_firmware | 1.01 | |
| dlink | dcs-5635 | - | |
| dlink | dcs-1100l_firmware | 1.04 | |
| dlink | dcs-1100l | - | |
| dlink | dcs-1130l_firmware | 1.04 | |
| dlink | dcs-1130l | - | |
| dlink | dcs-1100_firmware | 1.03 | |
| dlink | dcs-1100_firmware | 1.04 | |
| dlink | dcs-1100 | - | |
| dlink | dcs-1130_firmware | 1.03 | |
| dlink | dcs-1130_firmware | 1.04 | |
| dlink | dcs-1130 | - | |
| dlink | dcs-2102_firmware | 1.05 | |
| dlink | dcs-2102_firmware | 1.06 | |
| dlink | dcs-2102 | - | |
| dlink | dcs-2121_firmware | 1.05 | |
| dlink | dcs-2121_firmware | 1.06 | |
| dlink | dcs-2121 | - | |
| dlink | dcs-3410_firmware | 1.02 | |
| dlink | dcs-3410 | - | |
| dlink | dcs-5230_firmware | 1.02 | |
| dlink | dcs-5230 | - | |
| dlink | dcs-5230l_firmware | 1.02 | |
| dlink | dcs-5230l | - | |
| dlink | dcs-6410_firmware | 1.00 | |
| dlink | dcs-6410 | - | |
| dlink | dcs-7410_firmware | 1.00 | |
| dlink | dcs-7410 | - | |
| dlink | dcs-7510_firmware | 1.00 | |
| dlink | dcs-7510 | - | |
| dlink | wcs-1100_firmware | 1.00 | |
| dlink | wcs-1100 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3411_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4F54E-78BD-4963-88C0-6B6F9D751C4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3411:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0A639C-EC97-4CF6-B853-B9CE3EEDF399",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3430_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "3595919A-23A4-42D7-BC22-9AA3E5F196E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0337488F-E15D-497E-855F-7719D4809433",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5605_firmware:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "0C400977-3E3C-4010-8EFE-75F30180FF22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B92CB5D-CD8E-4768-91CE-C3497C8EA58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5635_firmware:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "76933BB0-E0C2-4F81-9B28-879EDAC49302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFFD6C7-9379-4197-B447-1C755E6636AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1100l_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FD5F42-72DD-47F4-ABDD-E0E4D0D1754A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1100l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70D1E7AB-C4EA-4B97-B788-944244777CFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1130l_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1B09CDBD-7DC9-4E4C-9FD6-3500C56D0B3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1130l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DF5842-F02E-4076-9B26-A3CC1EEBC94E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1100_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "5A26476D-57A8-481C-80CB-80CC238F083A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-1100_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "AD48A2EC-52EB-4C4B-B1ED-EC87822EDF5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704F9608-72CE-49C0-B7D2-F2FE84DF0C74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1130_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A39F0C-8E3B-41AA-8E1D-E2DABB0A4CCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-1130_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9B1618-9862-470A-AA4D-02A779B314A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33A388EC-275D-4180-83E2-AD73F7EEB54F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-2102_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "28CE404D-2DFF-4203-8954-FA579EF5924B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-2102_firmware:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "309BB5E5-5664-447B-B2C0-DCE54B0FDC2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78CD04CA-964A-4D74-B30E-7DC53E1858B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-2121_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "C3435DC0-44C2-440D-9C56-39EC06782BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-2121_firmware:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "631443E3-859B-439D-879E-C342B514BF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-2121:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1DE485-2705-4394-BC93-0BE99FE02F12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3410_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "1DC3F994-76E7-487C-A144-FC6C5AFDC5D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4558EBD8-5FB0-487B-88E6-17E76B2B68BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5230_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "117E4B04-541F-4398-B644-959329FF45E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A17CC0BD-D224-4A30-A8CF-07E469F4BFA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5230l_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5265C1F6-0246-4AF4-B348-86D3F8C95C0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5230l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94FFCE95-2A81-465F-B4EB-3B1BD687D87F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-6410_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "2915F59C-512F-44B7-BB67-B699B622C055",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-6410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "994CFC4C-7EC2-450A-9E05-940EE3CBA9D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-7410_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDC8CC0-F1B5-4EA4-A822-50FA02476365",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-7410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC168D7-AFFD-44A9-8CB7-29E1EDF0849A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-7510_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4466E781-46D0-4A55-9136-3842E93C228A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-7510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF686286-DFA4-49CE-BF64-D6BA849FDCD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:wcs-1100_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "113F0277-63F1-4623-B668-88865ADFAD83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:wcs-1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D06ED3F1-B59E-447F-B4E6-D95FB834A6C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n debido a un fallo al restringir el acceso al script lums.cgi cuando se procesa una transmisi\u00f3n de video en vivo en D-LINK WCS-1100 versi\u00f3n 1.02, TESCO DCS-2121 versi\u00f3n 1.05_TESCO, TESCO DCS-2102 versi\u00f3n 1.05_TESCO, DCS-7510 versi\u00f3n 1.00, DCS-7410 versi\u00f3n 1.00, DCS-6410 versi\u00f3n 1.00, DCS-5635 versi\u00f3n 1.01, DCS-5605 versi\u00f3n 1.01, DCS-5230L versi\u00f3n 1.02, DCS-5230 versi\u00f3n 1.02, DCS-3430 versi\u00f3n 1.02, DCS-3411 versi\u00f3n 1.02, DCS-3410 versi\u00f3n 1.02, DCS-2121 versi\u00f3n 1.06_FR, DCS-2121 versi\u00f3n 1.06, DCS-2121 versi\u00f3n 1.05_RU, DCS-2102 versi\u00f3n 1.06_FR, DCS- 2102 versi\u00f3n 1.06, DCS-2102 versi\u00f3n 1.05_RU, DCS-1130L versi\u00f3n 1.04, DCS-1130 versi\u00f3n 1.04_US, DCS-1130 versi\u00f3n 1.03, DCS-1100L versi\u00f3n 1.04, DCS-1100 versi\u00f3n 1.04_US y DCS-1100 versi\u00f3n 1.03, que podr\u00edan permitir a un usuario malicioso obtener informaci\u00f3n confidencial."
}
],
"id": "CVE-2013-1601",
"lastModified": "2024-11-21T01:49:58.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-28T21:15:11.327",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/59570"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83939"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1601"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.8573"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/59570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.8573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-28 22:15
Modified
2024-11-21 01:49
Severity ?
Summary
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dcs-3411_firmware | 1.02 | |
| dlink | dcs-3411 | - | |
| dlink | dcs-3430_firmware | 1.02 | |
| dlink | dcs-3430 | - | |
| dlink | dcs-5605_firmware | 1.01 | |
| dlink | dcs-5605 | - | |
| dlink | dcs-5635_firmware | 1.01 | |
| dlink | dcs-5635 | - | |
| dlink | dcs-1100l_firmware | 1.04 | |
| dlink | dcs-1100l | - | |
| dlink | dcs-1130l_firmware | 1.04 | |
| dlink | dcs-1130l | - | |
| dlink | dcs-1100_firmware | 1.03 | |
| dlink | dcs-1100_firmware | 1.04 | |
| dlink | dcs-1100 | - | |
| dlink | dcs-1130_firmware | 1.03 | |
| dlink | dcs-1130_firmware | 1.04 | |
| dlink | dcs-1130 | - | |
| dlink | dcs-2102_firmware | 1.05 | |
| dlink | dcs-2102_firmware | 1.06 | |
| dlink | dcs-2102 | - | |
| dlink | dcs-2121_firmware | 1.05 | |
| dlink | dcs-2121_firmware | 1.06 | |
| dlink | dcs-2121 | - | |
| dlink | dcs-3410_firmware | 1.02 | |
| dlink | dcs-3410 | - | |
| dlink | dcs-5230_firmware | 1.02 | |
| dlink | dcs-5230 | - | |
| dlink | dcs-5230l_firmware | 1.02 | |
| dlink | dcs-5230l | - | |
| dlink | dcs-6410_firmware | 1.00 | |
| dlink | dcs-6410 | - | |
| dlink | dcs-7410_firmware | 1.00 | |
| dlink | dcs-7410 | - | |
| dlink | dcs-7510_firmware | 1.00 | |
| dlink | dcs-7510 | - | |
| dlink | wcs-1100_firmware | 1.00 | |
| dlink | wcs-1100 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3411_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4F54E-78BD-4963-88C0-6B6F9D751C4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3411:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0A639C-EC97-4CF6-B853-B9CE3EEDF399",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3430_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "3595919A-23A4-42D7-BC22-9AA3E5F196E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0337488F-E15D-497E-855F-7719D4809433",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5605_firmware:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "0C400977-3E3C-4010-8EFE-75F30180FF22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B92CB5D-CD8E-4768-91CE-C3497C8EA58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5635_firmware:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "76933BB0-E0C2-4F81-9B28-879EDAC49302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFFD6C7-9379-4197-B447-1C755E6636AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1100l_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FD5F42-72DD-47F4-ABDD-E0E4D0D1754A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1100l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70D1E7AB-C4EA-4B97-B788-944244777CFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1130l_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1B09CDBD-7DC9-4E4C-9FD6-3500C56D0B3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1130l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DF5842-F02E-4076-9B26-A3CC1EEBC94E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1100_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "5A26476D-57A8-481C-80CB-80CC238F083A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-1100_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "AD48A2EC-52EB-4C4B-B1ED-EC87822EDF5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704F9608-72CE-49C0-B7D2-F2FE84DF0C74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-1130_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A39F0C-8E3B-41AA-8E1D-E2DABB0A4CCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-1130_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9B1618-9862-470A-AA4D-02A779B314A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-1130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33A388EC-275D-4180-83E2-AD73F7EEB54F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-2102_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "28CE404D-2DFF-4203-8954-FA579EF5924B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-2102_firmware:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "309BB5E5-5664-447B-B2C0-DCE54B0FDC2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78CD04CA-964A-4D74-B30E-7DC53E1858B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-2121_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "C3435DC0-44C2-440D-9C56-39EC06782BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dcs-2121_firmware:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "631443E3-859B-439D-879E-C342B514BF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-2121:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1DE485-2705-4394-BC93-0BE99FE02F12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-3410_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "1DC3F994-76E7-487C-A144-FC6C5AFDC5D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-3410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4558EBD8-5FB0-487B-88E6-17E76B2B68BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5230_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "117E4B04-541F-4398-B644-959329FF45E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A17CC0BD-D224-4A30-A8CF-07E469F4BFA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-5230l_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5265C1F6-0246-4AF4-B348-86D3F8C95C0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-5230l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94FFCE95-2A81-465F-B4EB-3B1BD687D87F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-6410_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "2915F59C-512F-44B7-BB67-B699B622C055",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-6410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "994CFC4C-7EC2-450A-9E05-940EE3CBA9D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-7410_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDC8CC0-F1B5-4EA4-A822-50FA02476365",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-7410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC168D7-AFFD-44A9-8CB7-29E1EDF0849A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dcs-7510_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4466E781-46D0-4A55-9136-3842E93C228A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dcs-7510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF686286-DFA4-49CE-BF64-D6BA849FDCD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:wcs-1100_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "113F0277-63F1-4623-B668-88865ADFAD83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:wcs-1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D06ED3F1-B59E-447F-B4E6-D95FB834A6C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Autenticaci\u00f3n en D-LINK WCS-1100 versi\u00f3n 1.02, TESCO DCS-2121 versi\u00f3n 1.05_TESCO, TESCO DCS-2102 versi\u00f3n 1.05_TESCO, DCS-7510 versi\u00f3n 1.00, DCS-7410 versi\u00f3n 1.00, DCS-6410 versi\u00f3n 1.00, DCS-5635 versi\u00f3n 1.01, DCS-5605 versi\u00f3n 1.01, DCS-5230L versi\u00f3n 1.02, DCS-5230 versi\u00f3n 1.02, DCS-3430 versi\u00f3n 1.02, DCS-3411 versi\u00f3n 1.02, DCS-3410 versi\u00f3n 1.02, DCS-2121 versi\u00f3n 1.06_FR, DCS-2121 versi\u00f3n 1.06, DCS-2121 versi\u00f3n 1.05_RU, DCS-2102 versi\u00f3n 1.06_FR, DCS-2102 versi\u00f3n 1.06, DCS-2102 versi\u00f3n 1.05_RU, DCS-1130L versi\u00f3n 1.04, DCS-1130 versi\u00f3n 1.04_US, DCS-1130 versi\u00f3n 1.03, DCS-1100L versi\u00f3n 1.04, DCS-1100 versi\u00f3n 1.04_US y DCS-1100 versi\u00f3n 1.03, debido a credenciales embebidas que sirven como un backdoor, lo que permite a atacantes remotos acceder a la transmisi\u00f3n de video RTSP."
}
],
"id": "CVE-2013-1603",
"lastModified": "2024-11-21T01:49:58.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-28T22:15:10.917",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/59571"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83940"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1603"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.8575"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/59571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.8575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}