PT-2018-5328 · D Link · D-Link Eyeon Baby Monitor

Dove Chiu

Publicado

2018-08-24

Atualizado

2019-10-03

CVE-2017-11564

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions D-Link EyeOn Baby Monitor (DCS-825L) version 1.08.1

Description The issue allows an attacker to execute commands by forging malicious HTTP requests to the web service framework, but authentication is required before the attack can be executed.

Recommendations For D-Link EyeOn Baby Monitor (DCS-825L) version 1.08.1, consider restricting access to the web service framework until a fix is available. As a temporary workaround, limit the ability to execute commands through the web interface to minimize the risk of exploitation.

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2017-11564

Produtos afetados

D-Link Eyeon Baby Monitor

PT-2018-5328 · D Link · D-Link Eyeon Baby Monitor

CVE-2017-11564

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4