 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.805031 |
| Categoría: | Web application abuses |
| Título: | D-link IP Camera DCS-2103 Multiple Vulnerabilities |
| Resumen: | This host has D-link IP Camera and is; prone to multiple vulnerabilities. |
| Descripción: | Summary: This host has D-link IP Camera and is prone to multiple vulnerabilities. Vulnerability Insight: Flaws are due to: - The /cgi-bin/sddownload.cgi script not properly sanitizing user input, specifically path traversal style attacks (e.g. '../') supplied via the 'file' parameter. - An input passed via the /cgi-bin/sddownload.cgi script to the 'file' parameter is not properly sanitized. Vulnerability Impact: Successful exploitation will allow remote attackers to disclose the software's installation path resulting in a loss of confidentiality and gain access to arbitrary files. Affected Software/OS: D-link IP camera DCS-2103 with firmware 1.0.0 Solution: Upgrade to D-link IP camera DCS-2103 with firmware after 1.0.0 CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-9234 http://seclists.org/fulldisclosure/2014/Nov/42 http://packetstormsecurity.com/files/129138/D-Link-DCS-2103-Directory-Traversal.html http://websecurity.com.ua/7250/ Common Vulnerability Exposure (CVE) ID: CVE-2014-9238 BugTraq ID: 71484 http://www.securityfocus.com/bid/71484 |
| Copyright | Copyright (C) 2014 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |