First published: Fri Sep 24 2021(Updated: )
** UNSUPPORTED WHEN ASSIGNED ** DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dcs-932l Firmware | <=2.17 | |
Dlink Dcs-932l | ||
D-link Dcs-5000l Firmware | =1.05 | |
Dlink Dcs-5000l | ||
All of | ||
Dlink Dcs-932l Firmware | <=2.17 | |
Dlink Dcs-932l | ||
All of | ||
D-link Dcs-5000l Firmware | =1.05 | |
Dlink Dcs-5000l |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-41503 is high.
DCS-5000L v1.05 and DCS-932L v2.17 and older firmware versions are affected by CVE-2021-41503.
The vulnerability in CVE-2021-41503 is Incorrect Access Control.
The vulnerability in CVE-2021-41503 may compromise the cameras' configuration and allow malicious users on the LAN to access them.
It is recommended to update the firmware of the DCS-5000L and DCS-932L cameras to a supported version to mitigate the CVE-2021-41503 vulnerability.