Fenix

**Name of the Vulnerable Software and Affected Versions** D-Link DCS-2530L versions prior to 1.06.01 Hotfix D-Link DCS-2670L versions through 2.02 **Description** An issue exists on D-Link DCS-2530L and DCS-2670L devices. The unauthenticated `/config/getuser` endpoint allows for remote administrator password disclosure. This vulnerability is actively exploited in the wild, as confirmed by CISA’s Known Exploited Vulnerabilities (KEV) catalog. The HiatusRAT actors are targeting web cameras and DVRs, including those affected by this vulnerability. **Recommendations** Update D-Link DCS-2530L to version 1.06.01 Hotfix or later. Update D-Link DCS-2670L to a version after 2.02.