High severity7.5NVD Advisory· Published Jul 2, 2019· Updated Jun 17, 2026
CVE-2017-8409
CVE-2017-8409
Description
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to the device to provide a username and password. However, the device does not enforce the same restriction on a specific URL thereby allowing any attacker in possession of that to view the live video feed. The severity of this attack is enlarged by the fact that there more than 100,000 D-Link devices out there.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- D-Link/DCS-1130 devicesdescription
Patches
Vulnerability mechanics
References
3- github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Dlink_DCS_1130_security.pdfnvdExploitThird Party Advisory
- packetstormsecurity.com/files/153226/Dlink-DCS-1130-Command-Injection-CSRF-Stack-Overflow.htmlnvdThird Party AdvisoryVDB Entry
- seclists.org/bugtraq/2019/Jun/8nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.