D-Link.DCS.930L.Authenticated.Remote.Command.Execution
Description
This indicates an attack attempt against an OS Command Injection vulnerability in D-Link DCS-930L Network Video Camera.
The vulnerability is caused by an improper validation of user supplied data when the vulnerable application handles a maliciously crafted request. An attacker can exploit this to gain access to execute arbitrary code in the context of the vulnerable application via a crafted request.
Affected Products
D-Link DCS-930L Network Video Camera firmware version 2.01 and prior
Impact
System Compromise: Remote attacker can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.dlink.com/uk/en/support/product/dcs-930l-wireless-n-network-camera?revision=deu_revb#downloads
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-03-28 | 14.582 | Sig Added |