Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-1603

CWE-798Hard-coded Credentials6 documents5 sources
Severity
5.3MEDIUM
EPSS
63.2%
top 1.60%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
17
Dlink Dcs-1100 FirmwareDlink Dcs-1100l FirmwareDlink Dcs-1130 Firmware+14 more
Timeline
PublishedJan 28
Latest updateMay 5

Description

An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credential

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages17 packages

NVDdlink/dcs-2102_firmware1.05, 1.06+1
NVDdlink/dcs-2121_firmware1.05, 1.06+1
NVDdlink/dcs-1100_firmware1.03, 1.04+1

🔴Vulnerability Details

2
GHSA
GHSA-59jf-rvgr-hx6h: An Authentication vulnerability exists in D-LINK WCS-1100 12022-05-05
CVEList
CVE-2013-1603: An Authentication vulnerability exists in D-LINK WCS-1100 12020-01-28

💥Exploits & PoCs

2
Exploit-DB
GetSimple CMS 3.3.1 - Cross-Site Scripting2014-10-12
Exploit-DB
D-Link IP Cameras - Multiple Vulnerabilities2013-05-01

💬Community

1
Bugzilla
CVE-2013-4481 luci: short exposure of authentication secrets while generating configuration file2013-07-26
CVE-2013-1603 (MEDIUM CVSS 5.3) | An Authentication vulnerability exi | cvebase.io