Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dcs\-2310l_firmware
(Dlink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-04-24 | CVE-2017-7852 | D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from any domain. If a victim logged into the camera's web console visits a malicious site hosting a malicious Flash file from another Browser tab, the malicious Flash file then can send requests to the victim's DCS series... | Dcs\-2132l_firmware, Dcs\-2136l_firmware, Dcs\-2210l_firmware, Dcs\-2230l_firmware, Dcs\-2310l_firmware, Dcs\-2330l_firmware, Dcs\-2332l_firmware, Dcs\-2530l_firmware, Dcs\-5000l_firmware, Dcs\-5009l_firmware, Dcs\-5010l_firmware, Dcs\-5020l_firmware, Dcs\-5025l_firmware, Dcs\-5029l_firmware, Dcs\-5030l_firmware, Dcs\-5222l_firmware, Dcs\-6010l_firmware, Dcs\-6212l_firmware, Dcs\-7000l_firmware, Dcs\-7010l_firmware, Dcs\-930l_firmware, Dcs\-931l_firmware, Dcs\-932l_firmware, Dcs\-933l_firmware, Dcs\-934l_firmware, Dcs\-942l_firmware | 8.8 |