CVE-2013-1603

Name of the Vulnerable Software and Affected Versions: DCS-1100 version 1.02 DCS-1100 version 1.03 DCS-1100 version 1.04 DCS-1100L version 1.04 DCS-1130 version 1.03 DCS-1130 version 1.04 DCS-1130L version 1.04 DCS-2121 version 1.05 RU DCS-2121 version 1.06 DCS-2121 version 1.06 FR TESCO DCS-2121 version 1.05 TESCO DCS-2102 version 1.05 RU DCS-2102 version 1.06 DCS-2102 version 1.06 FR TESCO DCS-2102 version 1.05 TESCO DCS-3410 version 1.02 DCS-3411 version 1.02 DCS-3430 version 1.02 DCS-5230 version 1.02 DCS-5230L version 1.02 DCS-5605 version 1.01 DCS-5635 version 1.01 DCS-6410 version 1.00 DCS-7410 version 1.00 DCS-7510 version 1.00 WCS-1100 version 1.02

Description: An authentication issue exists due to hard-coded credentials that serve as a backdoor, allowing remote attackers to access the RTSP video stream.

Recommendations: As a temporary workaround, consider disabling access to the RTSP video stream until a patch is available. Restrict access to the device to minimize the risk of exploitation. Avoid using the device until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.