PT-2021-23316 · D Link · D-Link Dcs-932L+1

Azad Mustafa +1 · Published 2021-09-24 · Updated 2024-08-04 · CVE-2021-41504

CVSS v3.1: 8.0 (High)

Vector: AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

D-Link DCS-5000L version 1.05 and older
D-Link DCS-932L version 2.17 and older

Description

An Elevated Privileges issue exists due to the use of digest authentication for the device's command interface, potentially allowing malicious users on the LAN to access the device and compromise its configuration. This issue only affects products that are no longer supported by the maintainer.

Recommendations

For D-Link DCS-5000L version 1.05 and older, consider disabling digest authentication for the device's command interface as a temporary workaround to minimize the risk of exploitation. For D-Link DCS-932L version 2.17 and older, restrict access to the device's command interface until a solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2021-41504

Affected Products

D-Link Dcs-5000L
D-Link Dcs-932L