Dlink Dcs-933L Firmware vulnerabilities

CVE-2026-2218 [MEDIUM] CWE-74 CVE-2026-2218: A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. This vulnerability only af

CVE-2019-10999 [HIGH] CWE-787 CVE-2019-10999: The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable devices include DCS-5009L (1.08.11 and below), DCS-5010L (1

CVE-2018-18441 [HIGH] CWE-200 CVE-2018-18441: D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting fr

CVE-2017-7852 [HIGH] CWE-352 CVE-2017-7852: D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Fla D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from any domain. If a victim logged into the camera's web console visits a malici