CVE-2013-1601

Published: Jan 28, 2020Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information.

Affected (21)

Products: Dlink: Dcs 3411 Firmware, Dcs 3430 Firmware, Dcs 5605 Firmware, Dcs 5635 Firmware, Dcs 1100l Firmware, Dcs 1130l Firmware, Dcs 1100 Firmware, Dcs 1130 Firmware, Dcs 2102 Firmware, Dcs 2121 Firmware, Dcs 3410 Firmware, Dcs 5230 Firmware, Dcs 5230l Firmware, Dcs 6410 Firmware, Dcs 7410 Firmware, Dcs 7510 Firmware, Wcs 1100 Firmware

17 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 3411 Firmware	Version 1.02

Running on/with	Platform Versions
Dlink Dcs 3411	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 3430 Firmware	Version 1.02

Running on/with	Platform Versions
Dlink Dcs 3430	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5605 Firmware	Version 1.01

Running on/with	Platform Versions
Dlink Dcs 5605	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5635 Firmware	Version 1.01

Running on/with	Platform Versions
Dlink Dcs 5635	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 1100l Firmware	Version 1.04

Running on/with	Platform Versions
Dlink Dcs 1100l	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 1130l Firmware	Version 1.04

Running on/with	Platform Versions
Dlink Dcs 1130l	All versions

Configuration G

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 1100 Firmware	Version 1.03
Dlink Dcs 1100 Firmware	Version 1.04

Running on/with	Platform Versions
Dlink Dcs 1100	All versions

Configuration H

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 1130 Firmware	Version 1.03
Dlink Dcs 1130 Firmware	Version 1.04

Running on/with	Platform Versions
Dlink Dcs 1130	All versions

Configuration I

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 2102 Firmware	Version 1.05
Dlink Dcs 2102 Firmware	Version 1.06

Running on/with	Platform Versions
Dlink Dcs 2102	All versions

Configuration J

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 2121 Firmware	Version 1.05
Dlink Dcs 2121 Firmware	Version 1.06

Running on/with	Platform Versions
Dlink Dcs 2121	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 3410 Firmware	Version 1.02

Running on/with	Platform Versions
Dlink Dcs 3410	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5230 Firmware	Version 1.02

Running on/with	Platform Versions
Dlink Dcs 5230	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5230l Firmware	Version 1.02

Running on/with	Platform Versions
Dlink Dcs 5230l	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 6410 Firmware	Version 1.00

Running on/with	Platform Versions
Dlink Dcs 6410	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 7410 Firmware	Version 1.00

Running on/with	Platform Versions
Dlink Dcs 7410	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 7510 Firmware	Version 1.00

Running on/with	Platform Versions
Dlink Dcs 7510	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Wcs 1100 Firmware	Version 1.00

Running on/with	Platform Versions
Dlink Wcs 1100	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

http://www.securityfocus.com/bid/59570

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/83939

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://packetstormsecurity.com/files/cve/CVE-2013-1601

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://vuldb.com/?id.8573

Source: cve@mitre.org

Permissions Required

https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities

Source: cve@mitre.org

ExploitThird Party Advisory

http://www.securityfocus.com/bid/59570