CVE-2013-1601
Last modified
CVE-2013-1601 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information.. EPSS estimates a 12.73% chance of exploitation in the next 30 days.
Description
An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dcs-3411 Firmware | 1.02 |
| Dlink | Dcs-3430 Firmware | 1.02 |
| Dlink | Dcs-5605 Firmware | 1.01 |
| Dlink | Dcs-5635 Firmware | 1.01 |
| Dlink | Dcs-1100l Firmware | 1.04 |
| Dlink | Dcs-1130l Firmware | 1.04 |
| Dlink | Dcs-1100 Firmware | 1.03 |
| Dlink | Dcs-1100 Firmware | 1.04 |
| Dlink | Dcs-1130 Firmware | 1.03 |
| Dlink | Dcs-1130 Firmware | 1.04 |
| Dlink | Dcs-2102 Firmware | 1.05 |
| Dlink | Dcs-2102 Firmware | 1.06 |
| Dlink | Dcs-2121 Firmware | 1.05 |
| Dlink | Dcs-2121 Firmware | 1.06 |
| Dlink | Dcs-3410 Firmware | 1.02 |
| Dlink | Dcs-5230 Firmware | 1.02 |
| Dlink | Dcs-5230l Firmware | 1.02 |
| Dlink | Dcs-6410 Firmware | 1.00 |
| Dlink | Dcs-7410 Firmware | 1.00 |
| Dlink | Dcs-7510 Firmware | 1.00 |
| Dlink | Wcs-1100 Firmware | 1.00 |
References
- http://www.securityfocus.com/bid/59570Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/83939Third Party Advisory, VDB Entry
- https://packetstormsecurity.com/files/cve/CVE-2013-1601Third Party Advisory, VDB Entry
- https://vuldb.com/?id.8573Permissions Required
- https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilitiesExploit, Third Party Advisory
- http://www.securityfocus.com/bid/59570Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/83939Third Party Advisory, VDB Entry
- https://packetstormsecurity.com/files/cve/CVE-2013-1601Third Party Advisory, VDB Entry
- https://vuldb.com/?id.8573Permissions Required
- https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilitiesExploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-1601?
How severe is CVE-2013-1601?
How do I fix CVE-2013-1601?
Are you affected by CVE-2013-1601?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST