PT-2024-1094 · D-Link · D-Link DCS-8300LHV2
Ina Kheirkhah +1 · Published 2024-01-11 · Updated 2024-11-25 · CVE-2023-51629
CVSS v3.1: 8.8 (High)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
D-Link DCS-8300LHV2
Description
The flaw is in the configuration of the ONVIF API in the D-Link DCS-8300LHV2 Wi-Fi camera and is a weakness in the authentication procedure: the ONVIF API configuration uses a hardcoded PIN. A remote attacker can leverage this to bypass authentication on the system. Per the CVSS vector (AV:A, PR:N, UI:N), the attack is carried out from an adjacent network and requires no privileges or user interaction.
Recommendations
For D-Link DCS-8300LHV2, consider disabling the ONVIF API until a patch is available to prevent exploitation.
Restrict access to the camera's network to minimize the risk of exploitation.
Avoid using the hardcoded PIN in the ONVIF API configuration until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Using Hardcoded Credentials
Affected Products
D-Link DCS-8300LHV2