Intrusion Prevention

D-Link.DCS.930L.Authenticated.Remote.Command.Execution

Description

This indicates an attack attempt against an OS Command Injection vulnerability in D-Link DCS-930L Network Video Camera.
The vulnerability is caused by an improper validation of user supplied data when the vulnerable application handles a maliciously crafted request. An attacker can exploit this to gain access to execute arbitrary code in the context of the vulnerable application via a crafted request.

Affected Products

D-Link DCS-930L Network Video Camera firmware version 2.01 and prior

Impact

System Compromise: Remote attacker can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.dlink.com/uk/en/support/product/dcs-930l-wireless-n-network-camera?revision=deu_revb#downloads