CVE-2019-10999

Published: May 6, 2019Modified: Nov 21, 2024

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable devices include DCS-5009L (1.08.11 and below), DCS-5010L (1.14.09 and below), DCS-5020L (1.15.12 and below), DCS-5025L (1.03.07 and below), DCS-5030L (1.04.10 and below), DCS-930L (2.16.01 and below), DCS-931L (1.14.11 and below), DCS-932L (2.17.01 and below), DCS-933L (1.14.11 and below), and DCS-934L (1.05.04 and below).

Affected (10)

Products: Dlink: Dcs 930l Firmware, Dcs 931l Firmware, Dcs 932l Firmware, Dcs 933l Firmware, Dcs 934l Firmware, Dcs 5009l Firmware, Dcs 5010l Firmware, Dcs 5020l Firmware, Dcs 5025l Firmware, Dcs 5030l Firmware

10 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 930l Firmware	Up to 2.16.01

Running on/with	Platform Versions
Dlink Dcs 930l	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 931l Firmware	Up to 1.14.11

Running on/with	Platform Versions
Dlink Dcs 931l	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 932l Firmware	Up to 2.17.01

Running on/with	Platform Versions
Dlink Dcs 932l	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 933l Firmware	Up to 1.14.11

Running on/with	Platform Versions
Dlink Dcs 933l	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 934l Firmware	Up to 1.05.04

Running on/with	Platform Versions
Dlink Dcs 934l	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5009l Firmware	Up to 1.08.11

Running on/with	Platform Versions
Dlink Dcs 5009l	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5010l Firmware	Up to 1.14.09

Running on/with	Platform Versions
Dlink Dcs 5010l	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5020l Firmware	Up to 1.15.12

Running on/with	Platform Versions
Dlink Dcs 5020l	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5025l Firmware	Up to 1.03.07

Running on/with	Platform Versions
Dlink Dcs 5025l	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dcs 5030l Firmware	Up to 1.04.10

Running on/with	Platform Versions
Dlink Dcs 5030l	All versions

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

https://github.com/fuzzywalls/CVE-2019-10999

Source: cve@mitre.org

ExploitThird Party Advisory

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10131

Source: cve@mitre.org

https://github.com/fuzzywalls/CVE-2019-10999

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10131

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.