VYPR

Dcs 932l Firmware

by Dlink

CVEs (12)

  • CVE-2017-7852HigApr 24, 2017
    risk 0.61cvss 8.8epss 0.04

    D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from…

  • CVE-2026-36983HigMay 11, 2026
    risk 0.48cvss 7.3epss 0.01

    D-Link DCS-932L v2.18.01 is vulnerable to Command Injection in the function sub_42EF14 of the file /bin/alphapd. The manipulation of the argument LightSensorControl leads to command injection.

  • CVE-2025-5573Jun 4, 2025
    risk 0.00cvss epss 0.10

    A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be…

  • CVE-2025-5572Jun 4, 2025
    risk 0.00cvss epss 0.04

    A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. Affected by this vulnerability is the function setSystemEmail of the file /setSystemEmail. The manipulation of the argument EmailSMTPPortNumber leads to stack-based buffer overflow. The…

  • CVE-2025-5571Jun 4, 2025
    risk 0.00cvss epss 0.08

    A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSystemAdmin of the file /setSystemAdmin. The manipulation of the argument AdminID leads to os command injection. It is possible to launch the attack remotely.…

  • CVE-2025-4843May 17, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. This affects the function SubUPnPCSInit of the file /sbin/udev. The manipulation of the argument CameraName leads to stack-based buffer overflow. It is possible to initiate the attack…

  • CVE-2025-4842May 17, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. This vulnerability affects the function isUCPCameraNameChanged of the file /sbin/ucp. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack can be…

  • CVE-2025-4841May 17, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected by this issue is the function sub_404780 of the file /bin/gpio. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack may be launched remotely. The…

  • CVE-2024-37606Dec 17, 2024
    risk 0.00cvss epss 0.00

    A Stack overflow vulnerability in D-Link DCS-932L REVB_FIRMWARE_2.18.01 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

  • CVE-2021-41504Sep 24, 2021
    risk 0.00cvss epss 0.00

    An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN…

  • CVE-2021-41503Sep 24, 2021
    risk 0.00cvss epss 0.00

    DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the…

  • CVE-2012-4046Dec 24, 2012
    risk 0.00cvss epss 0.01

    The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value.