Dlink Dcs-930L Firmware vulnerabilities

5 known vulnerabilities affecting dlink/dcs-930l_firmware.

Total CVEs

5

CISA KEV

1

actively exploited

Public exploits

1

Exploited in wild

1

Severity breakdown

HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2025-14225MEDIUMCVSS 5.3v1.15.042025-12-08

CVE-2025-14225 [MEDIUM] CWE-74 CVE-2025-14225: A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects pro

CVE-2016-11021HIGHCVSS 7.2KEVfixed in 2.122020-03-09

CVE-2016-11021 [HIGH] CWE-78 CVE-2016-11021: setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter.

CVE-2019-10999HIGHCVSS 8.8≤ 2.16.012019-05-06

CVE-2019-10999 [HIGH] CWE-787 CVE-2019-10999: The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable devices include DCS-5009L (1.08.11 and below), DCS-5010L (1

CVE-2018-18441HIGHCVSS 7.5≥ 1.002018-12-20

CVE-2018-18441 [HIGH] CWE-200 CVE-2018-18441: D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting fr

CVE-2017-7852HIGHCVSS 8.8PoC≤ 1.15.04≤ 2.13.152017-04-24

CVE-2017-7852 [HIGH] CWE-352 CVE-2017-7852: D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Fla D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from any domain. If a victim logged into the camera's web console visits a malici