CVE-2017-8409

An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to the device to provide a username and password. However, the device does not enforce the same restriction on a specific URL thereby allowing any attacker in possession of that to view the live video feed. The severity of this attack is enlarged by the fact that there more than 100,000 D-Link devices out there.

View Full Alert

Related Posts

  • CVE-2017-17944

    The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation. View Full Alert

  • CVE-2017-17945

    The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation. View Full Alert

  • CVE-2017-6216

    novaksolutions/infusionsoft-php-sdk v2016-10-31 is vulnerable to a reflected XSS in the leadscoring.php resulting code execution View Full Alert