CWE
287
Advisory Published
Updated

CVE-2021-41503

First published: Fri Sep 24 2021(Updated: )

** UNSUPPORTED WHEN ASSIGNED ** DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Dlink Dcs-932l Firmware<=2.17
Dlink Dcs-932l
D-link Dcs-5000l Firmware=1.05
Dlink Dcs-5000l
All of
Dlink Dcs-932l Firmware<=2.17
Dlink Dcs-932l
All of
D-link Dcs-5000l Firmware=1.05
Dlink Dcs-5000l

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2021-41503?

    The severity of CVE-2021-41503 is high.

  • Which devices are affected by CVE-2021-41503?

    DCS-5000L v1.05 and DCS-932L v2.17 and older firmware versions are affected by CVE-2021-41503.

  • What is the vulnerability in CVE-2021-41503?

    The vulnerability in CVE-2021-41503 is Incorrect Access Control.

  • How does the vulnerability in CVE-2021-41503 impact the cameras?

    The vulnerability in CVE-2021-41503 may compromise the cameras' configuration and allow malicious users on the LAN to access them.

  • How can I fix CVE-2021-41503?

    It is recommended to update the firmware of the DCS-5000L and DCS-932L cameras to a supported version to mitigate the CVE-2021-41503 vulnerability.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203