Dlink Dcs-5020L Firmware vulnerabilities

5 known vulnerabilities affecting dlink/dcs-5020l_firmware.

Total CVEs

5

CISA KEV

0

Public exploits

2

Exploited in wild

0

Severity breakdown

HIGH5

Vulnerabilities

Page 1 of 1

CVE-2025-5215HIGHCVSS 8.7v1.01_b22025-05-27

CVE-2025-5215 [HIGH] CWE-119 CVE-2025-5215: A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. This affects the A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. This affects the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the argument Authorization leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulne

CVE-2019-10999HIGHCVSS 8.8≤ 1.15.122019-05-06

CVE-2019-10999 [HIGH] CWE-787 CVE-2019-10999: The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable devices include DCS-5009L (1.08.11 and below), DCS-5010L (1

CVE-2018-18441HIGHCVSS 7.5≥ 1.002018-12-20

CVE-2018-18441 [HIGH] CWE-200 CVE-2018-18441: D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting fr

CVE-2017-17020HIGHCVSS 8.8PoC≤ 1.14.092018-05-01

CVE-2017-17020 [HIGH] CWE-78 CVE-2017-17020: On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) allows remote authenticated attackers to execute code through sanitized /setSystemAdmin user input in

CVE-2017-7852HIGHCVSS 8.8PoC≤ 1.13.052017-04-24

CVE-2017-7852 [HIGH] CWE-352 CVE-2017-7852: D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Fla D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from any domain. If a victim logged into the camera's web console visits a malici

Dlink Dcs-5020L Firmware vulnerabilities | cvebase