Vulnerabilities > Dlink > DCS 1130 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2013-1603 | Use of Hard-coded Credentials vulnerability in Dlink products An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream. | 5.0 |
| 2020-01-28 | CVE-2013-1602 | Information Exposure vulnerability in Dlink products An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams. | 5.0 |
| 2020-01-28 | CVE-2013-1601 | Information Exposure vulnerability in Dlink products An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. | 5.0 |
| 2019-07-02 | CVE-2017-8412 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dlink Dcs-1100 Firmware and Dcs-1130 Firmware An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. | 5.8 |
| 2019-07-02 | CVE-2017-8409 | Improper Authorization vulnerability in Dlink Dcs-1130 Firmware An issue was discovered on D-Link DCS-1130 devices. | 5.0 |
| 2019-07-02 | CVE-2017-8406 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dcs-1130 Firmware An issue was discovered on D-Link DCS-1130 devices. | 6.8 |
| 2019-07-02 | CVE-2017-8405 | Improper Authentication vulnerability in Dlink Dcs-1100 Firmware and Dcs-1130 Firmware An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. | 5.0 |
| 2019-07-02 | CVE-2017-8407 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dcs-1130 Firmware An issue was discovered on D-Link DCS-1130 devices. | 6.8 |