CVE-2017-7852
Description
D-Link DCS cameras ship a weak, insecure crossdomain.xml file that allows sites hosting malicious Flash objects to read and/or change the device's settings via a CSRF attack. The cause is the `allow-access-from` child element having its `domain` attribute set to `*`, so the policy accepts requests from any domain. If a victim who is logged into the camera's web console visits, in another browser tab, a malicious site hosting a malicious Flash file, that Flash file can send requests to the victim's DCS series camera without knowing the credentials. An attacker can host a malicious Flash file that retrieves live feeds or information from the victim's DCS series camera, adds new admin users, or makes other changes to the device. Known affected devices are DCS-933L with firmware before 1.13.05, DCS-5030L, DCS-5020L, DCS-2530L, DCS-2630L, DCS-930L, DCS-932L, and DCS-932LB1.
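As an added example (not code from AttackerKB or D-Link), the following Python check parses a crossdomain.xml policy and flags the wildcard `allow-access-from` rule described above, alongside a scoped policy that passes; both policy documents are constructed samples and the hostname in the hardened one is a placeholder.

```python
import xml.etree.ElementTree as ET
from typing import List

# Constructed sample with the over-permissive shape the description attributes
# to the affected DCS cameras: any origin may script the device.
WEAK_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*" />
</cross-domain-policy>
"""

# Constructed sample of a scoped policy: one named origin, HTTPS only.
# The hostname is a placeholder, not a real vendor endpoint.
HARDENED_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only" />
  <allow-access-from domain="portal.example.invalid" secure="true" />
</cross-domain-policy>
"""


def audit_crossdomain_policy(xml_text: str) -> List[str]:
    """Return findings for a Flash crossdomain.xml policy; empty means clean.

    Flags the issue from the description (domain="*") plus two related
    weakenings: a "*."-prefixed domain that trusts every subdomain, and
    secure="false", which lets plaintext origins reach an HTTPS service.
    """
    findings = []
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        return ["root element is not <cross-domain-policy>"]
    for rule in root.iter("allow-access-from"):
        domain = rule.get("domain", "")
        if domain == "*":
            findings.append('allow-access-from domain="*": any origin may '
                            "issue authenticated requests to this host")
        elif domain.startswith("*."):
            findings.append(f'allow-access-from domain="{domain}": every '
                            "subdomain is trusted; confirm this is intended")
        if rule.get("secure", "true").lower() == "false":
            findings.append(f'allow-access-from domain="{domain}" '
                            'secure="false": plaintext origins may reach '
                            "an HTTPS service")
    return findings


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, audit_crossdomain_policy(policy) or "no findings")
```

Point it at the policy fetched from a device's web root to confirm whether a firmware update actually narrowed the `domain` attribute.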
Products
- dcs-2132l firmware
- dcs-2136l firmware
- dcs-2210l firmware
- dcs-2230l firmware
- dcs-2310l firmware
- dcs-2330l firmware
- dcs-2332l firmware
- dcs-2530l firmware
- dcs-5000l firmware
- dcs-5009l firmware
- dcs-5010l firmware
- dcs-5020l firmware
- dcs-5025l firmware
- dcs-5029l firmware
- dcs-5030l firmware
- dcs-5222l firmware
- dcs-6010l firmware
- dcs-6212l firmware
- dcs-7000l firmware
- dcs-7010l firmware
- dcs-930l firmware
- dcs-931l firmware
- dcs-932l firmware
- dcs-933l firmware
- dcs-934l firmware
- dcs-942l firmware