Directory Traversal Vulnerability in D-Link IP Camera DCS-2103
CVE-2014-9238

Currently unrated

Key Information:

Vendor
D-link
Status
Dcs-2103 Hd Cube Network Camera Firmware
Vendor
CVE Published:
3 December 2014

Summary

The D-Link DCS-2103 IP camera is susceptible to a directory traversal vulnerability, which allows remote attackers to exploit the file parameter of the cgi-bin/sddownload.cgi script. By manipulating this parameter, an attacker can potentially access sensitive installation files located on the camera's file system. This flaw poses a significant risk as it may grant unauthorized access to the device's underlying structure, leading to further exploitation of security weaknesses.

References

http://seclists.org/fulldisclosure/2014/Nov/42
mailing-listx_refsource_FULLDISC
http://websecurity.com.ua/7250/
x_refsource_MISC
http://packetstormsecurity.com/files/129138/D-Link-DCS-21...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.