PT-2020-15932 · D-Link · D-Link DCS-2670L +1

Fenix · Published 2020-09-02 · Updated 2025-08-06 · CVE-2020-25078

CVSS v3.1: 7.5 (Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Name of the Vulnerable Software and Affected Versions:

D-Link DCS-2530L versions prior to 1.06.01 Hotfix

D-Link DCS-2670L versions prior to 2.02

Description:

D-Link DCS-2530L and DCS-2670L devices disclose the administrator password to remote, unauthenticated requests. The `/config/getuser` API endpoint requires no authentication, so anyone who can reach the device's web interface can retrieve administrator credentials. This vulnerability is actively exploited in the wild: the HiatusRAT actor has been reported exploiting it against web cameras and DVRs.
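A log-side check for this issue, added here as an example and not part of the advisory: it scans constructed access-log lines in combined log format (assumed here for the camera's embedded web server) for requests to the `/config/getuser` endpoint and treats a 200 response to such a request as a probable credential disclosure, counting disclosures per source address.

```python
import re
from collections import Counter

# Constructed sample access-log lines (combined log format) for a camera's
# embedded web server; addresses, timestamps and agents are made up.
SAMPLE_LOG = """\
192.0.2.10 - - [02/Sep/2020:10:12:01 +0000] "GET /config/getuser HTTP/1.1" 200 87 "-" "curl/7.68.0"
198.51.100.7 - - [02/Sep/2020:10:12:05 +0000] "GET /image/jpeg.cgi HTTP/1.1" 401 0 "-" "Mozilla/5.0"
192.0.2.10 - - [02/Sep/2020:10:12:09 +0000] "GET /config/getuser HTTP/1.1" 200 91 "-" "curl/7.68.0"
203.0.113.5 - - [02/Sep/2020:10:13:44 +0000] "GET /config/getuser HTTP/1.1" 401 0 "-" "python-requests/2.24"
"""

# Combined log format: ip ident user [timestamp] "METHOD path proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)

def find_getuser_requests(log_text):
    """Return one record per request to /config/getuser.

    Any hit is worth alerting on; a 200 response from unpatched firmware
    means the endpoint answered without authentication, i.e. a likely leak.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = m.group("path").split("?", 1)[0]  # drop any query string
        if path != "/config/getuser":
            continue
        status = int(m.group("status"))
        hits.append({
            "ip": m.group("ip"),
            "ts": m.group("ts"),
            "status": status,
            "disclosed": status == 200,
        })
    return hits

def summarize(hits):
    """Count probable disclosures per source address so repeat pulls stand out."""
    return Counter(h["ip"] for h in hits if h["disclosed"])

if __name__ == "__main__":
    hits = find_getuser_requests(SAMPLE_LOG)
    for h in hits:
        print(h)
    print(dict(summarize(hits)))
```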

Recommendations:

D-Link DCS-2530L versions prior to 1.06.01 Hotfix: Update to version 1.06.01 Hotfix or later.

D-Link DCS-2670L versions prior to 2.02: Update to version 2.02 or later.

Related Identifiers

CVE-2020-25078

Affected Products

D-Link DCS-2530L
D-Link DCS-2670L