Newsoft

**Name of the Vulnerable Software and Affected Versions** D-Link DCS-2121 camera with firmware 1.04 **Description** The issue concerns a hardcoded password in the `/etc/rc.d/rc.local` file, which sets the root account password to `admin`. This makes it easier for remote attackers to gain shell access, especially if a telnetd server is running. **Recommendations** For D-Link DCS-2121 camera with firmware 1.04, consider changing the hardcoded password of `admin` for the root account to a stronger, unique password to prevent unauthorized access. As a temporary workaround, restrict access to the telnetd server to minimize the risk of exploitation.