CVE-2017-8405

Name of the Vulnerable Software and Affected Versions D-Link DCS-1130 (affected versions not specified) D-Link DCS-1100 (affected versions not specified)

Description An issue was discovered in D-Link devices where the binary rtspd handles all rtsp connections. A flag called Authenticate indicates whether a user should be authenticated before allowing access to the video feed. By default, this flag is set to zero, allowing any attacker with the external IP address of the camera to view the live video feed without authentication. The device requires a valid username and password for the HTTP management interface but does not enforce the same restriction on RTSP URLs by default. There are over 100,000 D-Link devices potentially affected.

Recommendations For D-Link DCS-1130, consider enabling the Authenticate flag to require authentication for RTSP connections. For D-Link DCS-1100, consider enabling the Authenticate flag to require authentication for RTSP connections. As a temporary workaround, consider restricting access to the RTSP URL to minimize the risk of exploitation.