Product:

Dcs\-932l_firmware

(Dlink)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 6
Date Id Summary Products Score Patch Annotated
2021-09-24 CVE-2021-41503 DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer Dcs\-5000l_firmware, Dcs\-932l_firmware 8.0
2021-09-24 CVE-2021-41504 An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer Dcs\-5000l_firmware, Dcs\-932l_firmware 8.0
2012-12-24 CVE-2012-4046 The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value. Dcs\-932l, Dcs\-932l_firmware N/A
2017-04-24 CVE-2017-7852 D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from any domain. If a victim logged into the camera's web console visits a malicious site hosting a malicious Flash file from another Browser tab, the malicious Flash file then can send requests to the victim's DCS series... Dcs\-2132l_firmware, Dcs\-2136l_firmware, Dcs\-2210l_firmware, Dcs\-2230l_firmware, Dcs\-2310l_firmware, Dcs\-2330l_firmware, Dcs\-2332l_firmware, Dcs\-2530l_firmware, Dcs\-5000l_firmware, Dcs\-5009l_firmware, Dcs\-5010l_firmware, Dcs\-5020l_firmware, Dcs\-5025l_firmware, Dcs\-5029l_firmware, Dcs\-5030l_firmware, Dcs\-5222l_firmware, Dcs\-6010l_firmware, Dcs\-6212l_firmware, Dcs\-7000l_firmware, Dcs\-7010l_firmware, Dcs\-930l_firmware, Dcs\-931l_firmware, Dcs\-932l_firmware, Dcs\-933l_firmware, Dcs\-934l_firmware, Dcs\-942l_firmware 8.8
2018-12-20 CVE-2018-18441 D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The... Dcs\-2102_firmware, Dcs\-2121_firmware, Dcs\-2630l_firmware, Dcs\-5222l_firmware, Dcs\-5222lb1_firmware, Dcs\-8000lh_firmware, Dcs\-8100lh_firmware, Dcs\-820l_firmware, Dcs\-825l_firmware, Dcs\-855l_firmware, Dcs\-936l_firmware, Dcs\-942lb1_firmware, Dcs\-5020l_firmware, Dcs\-5030l_firmware, Dcs\-930l_firmware, Dcs\-932l_firmware, Dcs\-933l_firmware, Dcs\-942l_firmware 7.5
2019-05-06 CVE-2019-10999 The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable devices include DCS-5009L (1.08.11 and below), DCS-5010L (1.14.09 and below), DCS-5020L (1.15.12 and below), DCS-5025L (1.03.07 and below), DCS-5030L (1.04.10 and below), DCS-930L (2.16.01 and below),... Dcs\-5009l_firmware, Dcs\-5010l_firmware, Dcs\-5020l_firmware, Dcs\-5025l_firmware, Dcs\-5030l_firmware, Dcs\-930l_firmware, Dcs\-931l_firmware, Dcs\-932l_firmware, Dcs\-933l_firmware, Dcs\-934l_firmware 8.8