VYPR

DCS-1100

by Dlink

CVEs (9)

  • CVE-2017-8415CriJul 2, 2019
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function getspnam at address 0x00053894. Then performs a crypt operation on the password…

  • CVE-2017-8410CriJul 2, 2019
    risk 0.64cvss 9.8epss 0.06

    An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary performs a memcpy operation at address 0x00011E34 with the value sent in the…

  • CVE-2017-8417HigJul 2, 2019
    risk 0.58cvss 8.8epss 0.04

    An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device requires that a user logging into the device provide a username and password. However, the device allows D-Link apps on the mobile devices and desktop to communicate with the device without any…

  • CVE-2017-8416HigJul 2, 2019
    risk 0.58cvss 8.8epss 0.12

    An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon on UDP port 5978 which is called "dldps2121" and listens for broadcast packets sent on 255.255.255.255. This daemon handles custom D-Link UDP based protocol that allows D-Link mobile…

  • CVE-2017-8413HigJul 2, 2019
    risk 0.58cvss 8.8epss 0.10

    An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon on UDP port 5978 which is called "dldps2121" and listens for broadcast packets sent on 255.255.255.255. This daemon handles custom D-Link UDP based protocol that allows D-Link mobile…

  • CVE-2017-8412HigJul 2, 2019
    risk 0.58cvss 8.8epss 0.06

    An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. It seems that this binary dumps the HTTP VERB in the system logs. As a part of doing that it retrieves the HTTP VERB sent by the user and…

  • CVE-2017-8414HigJul 2, 2019
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary orthrus in /sbin folder of the device handles all the UPnP connections received by the device. It seems that the binary performs a sprintf operation at address 0x0000A3E4 with the value in the command…

  • CVE-2017-8405HigJul 2, 2019
    risk 0.49cvss 7.5epss 0.03

    An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary loads at address 0x00012CF4 a flag called "Authenticate" that indicates whether a…

  • CVE-2013-1603MedJan 28, 2020
    risk 0.39cvss 5.3epss 0.16

    An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121…