Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-1601

CWE-200Information Exposure5 documents5 sources
Severity
5.3MEDIUM
EPSS
39.9%
top 2.68%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
17
Dlink Dcs-1100 FirmwareDlink Dcs-1100l FirmwareDlink Dcs-1130 Firmware+14 more
Timeline
PublishedJan 28
Latest updateMay 5

Description

An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-34

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages17 packages

NVDdlink/dcs-2102_firmware1.05, 1.06+1
NVDdlink/dcs-2121_firmware1.05, 1.06+1
NVDdlink/dcs-1100_firmware1.03, 1.04+1

🔴Vulnerability Details

2
GHSA
GHSA-mhq4-hrhr-7vpg: An Information Disclosure vulnerability exists due to a failure to restrict access on the lums2022-05-05
CVEList
CVE-2013-1601: An Information Disclosure vulnerability exists due to a failure to restrict access on the lums2020-01-28

💥Exploits & PoCs

1
Exploit-DB
D-Link IP Cameras - Multiple Vulnerabilities2013-05-01

🔍Detection Rules

1
Suricata
ET EXPLOIT D-Link IP Camera Vulnerable HTTP Request (CVE-2013-1601)2014-11-25
CVE-2013-1601 (MEDIUM CVSS 5.3) | An Information Disclosure vulnerabi | cvebase.io