CVE-2013-1599: OS Command Injection
First published: Tue Jan 28 2020(Updated: )
A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dlink Dcs-3411 Firmware | =1.02 | |
| Dlink Dcs-3411 | ||
| Dlink Dcs-3430 Firmware | =1.02 | |
| Dlink Dcs-3430 | ||
| Dlink Dcs-5605 Firmware | =1.01 | |
| Dlink Dcs-5605 | ||
| Dlink Dcs-5635 Firmware | =1.01 | |
| Dlink Dcs-5635 | ||
| Dlink Dcs-1100l Firmware | =1.04 | |
| Dlink Dcs-1100l | ||
| Dlink Dcs-1130l Firmware | =1.04 | |
| Dlink Dcs-1130l | ||
| Dlink Dcs-1100 Firmware | =1.03 | |
| Dlink Dcs-1100 Firmware | =1.04 | |
| Dlink Dcs-1100 | ||
| Dlink Dcs-1130 Firmware | =1.03 | |
| Dlink Dcs-1130 Firmware | =1.04 | |
| Dlink Dcs-1130 | ||
| Dlink Dcs-2102 Firmware | =1.05 | |
| Dlink Dcs-2102 | ||
| Dlink Dcs-2121 Firmware | =1.05 | |
| Dlink Dcs-2121 | ||
| Dlink Dcs-3410 Firmware | =1.02 | |
| Dlink Dcs-3410 | ||
| Dlink Dcs-5230 Firmware | =1.02 | |
| Dlink Dcs-5230 | ||
| Dlink Dcs-5230l Firmware | =1.02 | |
| Dlink Dcs-5230l | ||
| Dlink Dcs-6410 Firmware | =1.00 | |
| Dlink Dcs-6410 | ||
| Dlink Dcs-7410 Firmware | =1.00 | |
| Dlink Dcs-7410 | ||
| Dlink Dcs-7510 Firmware | =1.00 | |
| Dlink Dcs-7510 | ||
| Dlink Wcs-1100 Firmware | =1.00 | |
| Dlink Wcs-1100 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.exploit-db.com/exploits/25138
- http://www.securityfocus.com/bid/59564
- https://exchange.xforce.ibmcloud.com/vulnerabilities/83941
- https://packetstormsecurity.com/files/cve/CVE-2013-1599
- https://seclists.org/fulldisclosure/2013/Apr/253
- https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities
Frequently Asked Questions
What is CVE-2013-1599?
CVE-2013-1599 is a Command Injection vulnerability in D-Link IP Cameras.
What is the severity of CVE-2013-1599?
CVE-2013-1599 has a severity level of critical (9.8).
Which D-Link IP Camera models are affected by CVE-2013-1599?
D-Link IP Cameras DCS-3411/3430, DCS-5605/5635, DCS-1100L/1130L, DCS-1100/1130, DCS-2102/2121, DCS-3410, DCS-5230, DCS-5230L, DCS-6410 are affected by CVE-2013-1599.
How can I fix CVE-2013-1599?
To fix CVE-2013-1599, it is recommended to update the firmware of the affected D-Link IP Cameras to the latest version.
Where can I find more information about CVE-2013-1599?
You can find more information about CVE-2013-1599 at the following references: [Exploit-DB](http://www.exploit-db.com/exploits/25138), [SecurityFocus](http://www.securityfocus.com/bid/59564), [IBM X-Force Exchange](https://exchange.xforce.ibmcloud.com/vulnerabilities/83941).
- collector/nvd-index
- agent/severity
- agent/tags
- agent/event
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/dlink
- canonical/dlink dcs-3411 firmware
- version/dlink dcs-3411 firmware/1.02
- canonical/dlink dcs-3411
- canonical/dlink dcs-3430 firmware
- version/dlink dcs-3430 firmware/1.02
- canonical/dlink dcs-3430
- canonical/dlink dcs-5605 firmware
- version/dlink dcs-5605 firmware/1.01
- canonical/dlink dcs-5605
- canonical/dlink dcs-5635 firmware
- version/dlink dcs-5635 firmware/1.01
- canonical/dlink dcs-5635
- canonical/dlink dcs-1100l firmware
- version/dlink dcs-1100l firmware/1.04
- canonical/dlink dcs-1100l
- canonical/dlink dcs-1130l firmware
- version/dlink dcs-1130l firmware/1.04
- canonical/dlink dcs-1130l
- canonical/dlink dcs-1100 firmware
- version/dlink dcs-1100 firmware/1.03
- version/dlink dcs-1100 firmware/1.04
- canonical/dlink dcs-1100
- canonical/dlink dcs-1130 firmware
- version/dlink dcs-1130 firmware/1.03
- version/dlink dcs-1130 firmware/1.04
- canonical/dlink dcs-1130
- canonical/dlink dcs-2102 firmware
- version/dlink dcs-2102 firmware/1.05
- canonical/dlink dcs-2102
- canonical/dlink dcs-2121 firmware
- version/dlink dcs-2121 firmware/1.05
- canonical/dlink dcs-2121
- canonical/dlink dcs-3410 firmware
- version/dlink dcs-3410 firmware/1.02
- canonical/dlink dcs-3410
- canonical/dlink dcs-5230 firmware
- version/dlink dcs-5230 firmware/1.02
- canonical/dlink dcs-5230
- canonical/dlink dcs-5230l firmware
- version/dlink dcs-5230l firmware/1.02
- canonical/dlink dcs-5230l
- canonical/dlink dcs-6410 firmware
- version/dlink dcs-6410 firmware/1.00
- canonical/dlink dcs-6410
- canonical/dlink dcs-7410 firmware
- version/dlink dcs-7410 firmware/1.00
- canonical/dlink dcs-7410
- canonical/dlink dcs-7510 firmware
- version/dlink dcs-7510 firmware/1.00
- canonical/dlink dcs-7510
- canonical/dlink wcs-1100 firmware
- version/dlink wcs-1100 firmware/1.00
- canonical/dlink wcs-1100