PT-2021-23315 · D Link · Dcs-932L+1

Azad Mustafa +1 · Published 2021-09-24 · Updated 2024-08-04 · CVE-2021-41503

CVSS v3.1: 8.0 High

Vector: AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

DCS-5000L version 1.05 and earlier
DCS-932L version 2.17 and earlier

Description

The issue is related to incorrect access control, allowing malicious users on the LAN to access the device due to the use of basic authentication for the devices' command interface. This may compromise the camera's configuration. The vulnerability only affects products that are no longer supported by the maintainer.

Recommendations

For DCS-5000L version 1.05 and earlier, consider disabling the basic authentication for the devices' command interface until a patch is available. For DCS-932L version 2.17 and earlier, restrict access to the command interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Authentication

Related Identifiers

CVE-2021-41503

Affected Products

Dcs-5000L
Dcs-932L