CVE-2013-1602

Published: Jan 28, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams.

Affected (21)

Products: Dlink: Dcs 3411 Firmware, Dcs 3430 Firmware, Dcs 5605 Firmware, Dcs 5635 Firmware, Dcs 1100l Firmware, Dcs 1130l Firmware, Dcs 1100 Firmware, Dcs 1130 Firmware, Dcs 2102 Firmware, Dcs 2121 Firmware, Dcs 3410 Firmware, Dcs 5230 Firmware, Dcs 5230l Firmware, Dcs 6410 Firmware, Dcs 7410 Firmware, Dcs 7510 Firmware, Wcs 1100 Firmware

17 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 3411 Firmware	Version 1.02

Running on/with	Platform Versions
Dlink Dcs 3411	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 3430 Firmware	Version 1.02

Running on/with	Platform Versions
Dlink Dcs 3430	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5605 Firmware	Version 1.01

Running on/with	Platform Versions
Dlink Dcs 5605	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5635 Firmware	Version 1.01

Running on/with	Platform Versions
Dlink Dcs 5635	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 1100l Firmware	Version 1.04

Running on/with	Platform Versions
Dlink Dcs 1100l	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 1130l Firmware	Version 1.04

Running on/with	Platform Versions
Dlink Dcs 1130l	All versions

Configuration G

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 1100 Firmware	Version 1.03
Dlink Dcs 1100 Firmware	Version 1.04

Running on/with	Platform Versions
Dlink Dcs 1100	All versions

Configuration H

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 1130 Firmware	Version 1.03
Dlink Dcs 1130 Firmware	Version 1.04

Running on/with	Platform Versions
Dlink Dcs 1130	All versions

Configuration I

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 2102 Firmware	Version 1.05
Dlink Dcs 2102 Firmware	Version 1.06

Running on/with	Platform Versions
Dlink Dcs 2102	All versions

Configuration J

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 2121 Firmware	Version 1.05
Dlink Dcs 2121 Firmware	Version 1.06

Running on/with	Platform Versions
Dlink Dcs 2121	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 3410 Firmware	Version 1.02

Running on/with	Platform Versions
Dlink Dcs 3410	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5230 Firmware	Version 1.02

Running on/with	Platform Versions
Dlink Dcs 5230	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5230l Firmware	Version 1.02

Running on/with	Platform Versions
Dlink Dcs 5230l	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 6410 Firmware	Version 1.00

Running on/with	Platform Versions
Dlink Dcs 6410	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 7410 Firmware	Version 1.00

Running on/with	Platform Versions
Dlink Dcs 7410	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 7510 Firmware	Version 1.00

Running on/with	Platform Versions
Dlink Dcs 7510	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Wcs 1100 Firmware	Version 1.00

Running on/with	Platform Versions
Dlink Wcs 1100	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://www.securityfocus.com/bid/59569

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/83942

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://packetstormsecurity.com/files/cve/CVE-2013-1602

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities

Source: cve@mitre.org

ExploitThird Party Advisory

http://www.securityfocus.com/bid/59569

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/83942

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://packetstormsecurity.com/files/cve/CVE-2013-1602

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.