Vulnerabilities > CVE-2018-18442 - Unspecified vulnerability in D-Link Dcs-825L Firmware 1.08

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

d-link

NVD

Published: 2018-12-20

Updated: 2023-04-26

Summary

D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks. An attacker can harm the device availability (i.e., live-online video/audio streaming) by using the hping3 tool to perform an IPv4 flood attack. Verified attacks includes SYN flooding, UDP flooding, ICMP flooding, and SYN-ACK flooding.

Vulnerable Configurations

Part	Description	Count
OS	D-Link D Link DCS 825L Firmware 1.08	1
Hardware	Dlink Dlink DCS 825L -	1

References

https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/