Command Injection Vulnerabilities in D-Link EyeOn Baby Monitor by D-Link
CVE-2017-11564
8.8HIGH
What is CVE-2017-11564?
The D-Link EyeOn Baby Monitor (DCS-825L) version 1.08.1 contains several command injection vulnerabilities within its web service framework. These flaws enable an attacker to craft and send malicious HTTP requests capable of executing arbitrary commands. It is important to note that successful execution of this attack requires prior authentication, thus emphasizing the need for robust credential management to secure IoT devices from such exploitation.