Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:32440
HistoryAug 24, 2015 - 12:00 a.m.

CSRF and XSS vulnerabilities in D-Link DCS-2103

2015-08-2400:00:00
vulners.com
28
JSON

Hello 3APA3A!

There are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities in D-Link DCS-2103 (IP camera).

Affected products:

Vulnerable is the next model: D-Link DCS-2103, Firmware 1.0.0. Version 1.20 and previous versions also must be vulnerable.

Details:

Cross-Site Request Forgery (WASC-09):

CSRF vulnerabilities in all sections of admin panel. E.g. change DEVICE SETTING (parameters: IP camera Name, Enable OSD, Label, Show time).

http://site/vb.htm?cameratitle=Test&tstampenable=1&tstamplabel=Test&tstampformat=1

Cross-Site Scripting (WASC-08):

http://site/vb.htm?tstamplabel=</script><script>alert(document.cookie)</script>

This is persistent XSS. The code will execute at pages: maintenance.htm, maintenance_device.htm, maintenance_backup_restore.htm, maintenance_firmware_upgrade.htm.

Timeline:

2014.08.01 - announced at my site about previous vulnerabilities in DCS-2103.
2014.11.14-2014.12.13 - conversation with D-Link about vulnerabilities in DCS-2103.
2014.11.27 - announced at my site about new vulnerabilities in DCS-2103.
2015.07.23 - disclosed at my site (http://websecurity.com.ua/7476/).

I found this and other web cameras during summer 2014 to watch terrorists activities in Donetsk and Lugansks regions of Ukraine and also in Russia (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2015-July/009110.html).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

JSON