Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-1601

Опубликовано: 28 янв. 2020
Источник: nvd
CVSS3: 5.3
CVSS2: 5
EPSS Средний

Описание

An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:dlink:dcs-3411_firmware:1.02:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-3411:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:dlink:dcs-3430_firmware:1.02:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-3430:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:o:dlink:dcs-5605_firmware:1.01:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-5605:-:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

cpe:2.3:o:dlink:dcs-5635_firmware:1.01:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-5635:-:*:*:*:*:*:*:*
Конфигурация 5

Одновременно

cpe:2.3:o:dlink:dcs-1100l_firmware:1.04:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-1100l:-:*:*:*:*:*:*:*
Конфигурация 6

Одновременно

cpe:2.3:o:dlink:dcs-1130l_firmware:1.04:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-1130l:-:*:*:*:*:*:*:*
Конфигурация 7

Одновременно

Одно из

cpe:2.3:o:dlink:dcs-1100_firmware:1.03:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dcs-1100_firmware:1.04:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-1100:-:*:*:*:*:*:*:*
Конфигурация 8

Одновременно

Одно из

cpe:2.3:o:dlink:dcs-1130_firmware:1.03:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dcs-1130_firmware:1.04:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-1130:-:*:*:*:*:*:*:*
Конфигурация 9

Одновременно

Одно из

cpe:2.3:o:dlink:dcs-2102_firmware:1.05:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dcs-2102_firmware:1.06:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-2102:-:*:*:*:*:*:*:*
Конфигурация 10

Одновременно

Одно из

cpe:2.3:o:dlink:dcs-2121_firmware:1.05:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dcs-2121_firmware:1.06:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-2121:-:*:*:*:*:*:*:*
Конфигурация 11

Одновременно

cpe:2.3:o:dlink:dcs-3410_firmware:1.02:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-3410:-:*:*:*:*:*:*:*
Конфигурация 12

Одновременно

cpe:2.3:o:dlink:dcs-5230_firmware:1.02:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-5230:-:*:*:*:*:*:*:*
Конфигурация 13

Одновременно

cpe:2.3:o:dlink:dcs-5230l_firmware:1.02:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-5230l:-:*:*:*:*:*:*:*
Конфигурация 14

Одновременно

cpe:2.3:o:dlink:dcs-6410_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-6410:-:*:*:*:*:*:*:*
Конфигурация 15

Одновременно

cpe:2.3:o:dlink:dcs-7410_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-7410:-:*:*:*:*:*:*:*
Конфигурация 16

Одновременно

cpe:2.3:o:dlink:dcs-7510_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dcs-7510:-:*:*:*:*:*:*:*
Конфигурация 17

Одновременно

cpe:2.3:o:dlink:wcs-1100_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:h:dlink:wcs-1100:-:*:*:*:*:*:*:*

EPSS

Процентиль: 97%
0.3742
Средний

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-mhq4-hrhr-7vpg

github
почти 4 года назад

An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information.

EPSS

Процентиль: 97%
0.3742
Средний

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200
Уязвимость CVE-2013-1601