PT-2011-1900 · D Link · D-Link Dcs-2121

Newsoft

Published

2011-10-16

Updated

2012-05-14

CVE-2010-4965

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions D-Link DCS-2121 camera with firmware 1.04

Description The issue concerns a hardcoded password in the /etc/rc.d/rc.local file, which sets the root account password to admin. This makes it easier for remote attackers to gain shell access, especially if a telnetd server is running.

Recommendations For D-Link DCS-2121 camera with firmware 1.04, consider changing the hardcoded password of admin for the root account to a stronger, unique password to prevent unauthorized access. As a temporary workaround, restrict access to the telnetd server to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2010-4965

Affected Products

D-Link Dcs-2121

PT-2011-1900 · D Link · D-Link Dcs-2121

CVE-2010-4965

Weakness Enumeration

Related Identifiers

Affected Products

References · 2