CVE编号
CVE-2013-1599利用情况
暂无补丁情况
N/A披露时间
2020-01-29漏洞描述
A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface.解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| http://www.exploit-db.com/exploits/25138 | |
| http://www.securityfocus.com/bid/59564 | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/83941 | |
| https://packetstormsecurity.com/files/cve/CVE-2013-1599 | |
| https://seclists.org/fulldisclosure/2013/Apr/253 | |
| https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-1100l_firmware | 1.04 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-1100_firmware | 1.03 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-1100_firmware | 1.04 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-1130l_firmware | 1.04 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-1130_firmware | 1.03 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-1130_firmware | 1.04 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-2102_firmware | 1.05 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-2121_firmware | 1.05 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-3410_firmware | 1.02 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-3411_firmware | 1.02 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-3430_firmware | 1.02 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-5230l_firmware | 1.02 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-5230_firmware | 1.02 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-5605_firmware | 1.01 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-5635_firmware | 1.01 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-6410_firmware | 1.00 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-7410_firmware | 1.00 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | dcs-7510_firmware | 1.00 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | dlink | wcs-1100_firmware | 1.00 | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-1100 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-1100l | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-1130 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-1130l | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-2102 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-2121 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-3410 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-3411 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-3430 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-5230 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-5230l | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-5605 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-5635 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-6410 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-7410 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | dcs-7510 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | dlink | wcs-1100 | - | - | |||||
- 攻击路径 网络
- 攻击复杂度 低
- 权限要求 无
- 影响范围 未更改
- 用户交互 无
- 可用性 高
- 保密性 高
- 完整性 高
还没有评论,来说两句吧...