CVE-2013-1602

Name of the Vulnerable Software and Affected Versions: D-Link DCS-5635 version 1.01 D-Link DCS-1100L version 1.04 D-Link DCS-1130L version 1.04 D-Link DCS-1100 versions 1.03 through 1.04 US D-Link DCS-1130 versions 1.03 through 1.04 US D-Link DCS-2102 versions 1.05 RU through 1.06 FR D-Link DCS-2121 versions 1.05 RU through 1.06 FR D-Link DCS-3410 version 1.02 D-Link DCS-5230 version 1.02 D-Link DCS-5230L version 1.02 D-Link DCS-6410 version 1.0 D-Link DCS-7410 version 1.0 D-Link DCS-7510 version 1.0 D-Link WCS-1100 version 1.02

Description: An Information Disclosure issue exists due to insufficient validation of authentication cookies for the RTSP session, which could let a malicious user obtain unauthorized access to video streams.

Recommendations: For D-Link DCS-5635 version 1.01, update the firmware to a version that includes the fix for this issue. For D-Link DCS-1100L version 1.04, update the firmware to a version that includes the fix for this issue. For D-Link DCS-1130L version 1.04, update the firmware to a version that includes the fix for this issue. For D-Link DCS-1100 versions 1.03 through 1.04 US, update the firmware to a version that includes the fix for this issue. For D-Link DCS-1130 versions 1.03 through 1.04 US, update the firmware to a version that includes the fix for this issue. For D-Link DCS-2102 versions 1.05 RU through 1.06 FR, update the firmware to a version that includes the fix for this issue. For D-Link DCS-2121 versions 1.05 RU through 1.06 FR, update the firmware to a version that includes the fix for this issue. For D-Link DCS-3410 version 1.02, update the firmware to a version that includes the fix for this issue. For D-Link DCS-5230 version 1.02, update the firmware to a version that includes the fix for this issue. For D-Link DCS-5230L version 1.02, update the firmware to a version that includes the fix for this issue. For D-Link DCS-6410 version 1.0, update the firmware to a version that includes the fix for this issue. For D-Link DCS-7410 version 1.0, update the firmware to a version that includes the fix for this issue. For D-Link DCS-7510 version 1.0, update the firmware to a version that includes the fix for this issue. For D-Link WCS-1100 version 1.02, update the firmware to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.