CVE-2013-1603
Description
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Hard-coded credentials in multiple D-LINK and TESCO IP camera models allow remote attackers to access RTSP video streams without authentication.
Vulnerability
Multiple D-LINK and TESCO network camera models, including D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, contain hard-coded credentials that serve as a backdoor [1]. This allows remote attackers to access the RTSP video stream without proper authentication.
Exploitation
An attacker can exploit this vulnerability by connecting to the affected camera's RTSP stream using the hard-coded credentials [1]. No special network position or prior authentication is required; the attacker only needs network access to the camera.
Impact
Successful exploitation results in unauthorized access to the RTSP video stream [1]. This allows an attacker to view live video footage from the camera, leading to information disclosure of potentially sensitive visual data.
Mitigation
Not yet disclosed in the available references. Users should check vendor advisories for firmware updates or workarounds. The vulnerability was published in 2020, and many of the listed models may be end-of-life [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- D-LINK/WCS-1100description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.securityfocus.com/bid/59571mitrex_refsource_MISC
- exchange.xforce.ibmcloud.com/vulnerabilities/83940mitrex_refsource_MISC
- packetstormsecurity.com/files/cve/CVE-2013-1603mitrex_refsource_MISC
- vuldb.commitrex_refsource_MISC
- www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilitiesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.