Product:

Dcs\-825l_firmware

(D\-Link)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2018-12-20 CVE-2018-18441 D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The... Dcs\-2102_firmware, Dcs\-2121_firmware, Dcs\-2630l_firmware, Dcs\-5222l_firmware, Dcs\-5222lb1_firmware, Dcs\-8000lh_firmware, Dcs\-8100lh_firmware, Dcs\-820l_firmware, Dcs\-825l_firmware, Dcs\-855l_firmware, Dcs\-936l_firmware, Dcs\-942lb1_firmware, Dcs\-5020l_firmware, Dcs\-5030l_firmware, Dcs\-930l_firmware, Dcs\-932l_firmware, Dcs\-933l_firmware, Dcs\-942l_firmware 7.5
2018-12-20 CVE-2018-18442 D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks. An attacker can harm the device availability (i.e., live-online video/audio streaming) by using the hping3 tool to perform an IPv4 flood attack. Verified attacks includes SYN flooding, UDP flooding, ICMP flooding, and SYN-ACK flooding. Dcs\-825l_firmware 7.5
2018-12-20 CVE-2018-18767 An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. Whenever actions are performed from the app (e.g., change camera settings or play lullabies), it communicates directly with the Wi-Fi camera (D-Link 825L firmware 1.08) with the credentials (username and password) in base64 cleartext. An attacker could conduct an MitM attack on the local network and very easily obtain these credentials. Dcs\-825l_firmware, Mydlink_baby_camera_monitor 7.0