CVE-2013-1602

D-Link IP Cameras - Multiple Vulnerabilities

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams.

Se presenta una vulnerabilidad de Divulgación de Información debido a una comprobación insuficiente de las cookies de autenticación para la sesión RTSP en D-Link DCS-5635 versión 1.01, DCS-1100L versión 1.04, DCS-1130L versión 1.04, DCS-1100 versiones 1.03/1.04_US, DCS-1130 versiones 1.03/1.04_US , DCS-2102 versiones 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 versiones 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 versión 1.02, DCS-5230 versión 1.02, DCS-5230L versión 1.02, DCS-6410 versión 1.0, DCS-7410 versión 1.0, DCS-7510 versión 1.0 y WCS-1100 versión 1.02, lo que podría permitir a un usuario malicioso obtener acceso no autorizado a transmisiones de video.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-02-04 CVE Reserved
2013-04-29 CVE Published
2013-05-01 First Exploit
2024-06-25 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CAPEC

References (5)

URL	Tag	Source
http://www.securityfocus.com/bid/59569	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/83942	Third Party Advisory
https://packetstormsecurity.com/files/cve/CVE-2013-1602	Third Party Advisory

URL	Date	SRC
https://www.exploit-db.com/exploits/25138	2013-05-01
https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities	2024-08-06

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Dlink Search vendor "Dlink"	Dcs-3411 Firmware Search vendor "Dlink" for product "Dcs-3411 Firmware"	1.02 Search vendor "Dlink" for product "Dcs-3411 Firmware" and version "1.02"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-3411 Search vendor "Dlink" for product "Dcs-3411"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-3430 Firmware Search vendor "Dlink" for product "Dcs-3430 Firmware"	1.02 Search vendor "Dlink" for product "Dcs-3430 Firmware" and version "1.02"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-3430 Search vendor "Dlink" for product "Dcs-3430"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-5605 Firmware Search vendor "Dlink" for product "Dcs-5605 Firmware"	1.01 Search vendor "Dlink" for product "Dcs-5605 Firmware" and version "1.01"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-5605 Search vendor "Dlink" for product "Dcs-5605"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-5635 Firmware Search vendor "Dlink" for product "Dcs-5635 Firmware"	1.01 Search vendor "Dlink" for product "Dcs-5635 Firmware" and version "1.01"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-5635 Search vendor "Dlink" for product "Dcs-5635"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-1100l Firmware Search vendor "Dlink" for product "Dcs-1100l Firmware"	1.04 Search vendor "Dlink" for product "Dcs-1100l Firmware" and version "1.04"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-1100l Search vendor "Dlink" for product "Dcs-1100l"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-1130l Firmware Search vendor "Dlink" for product "Dcs-1130l Firmware"	1.04 Search vendor "Dlink" for product "Dcs-1130l Firmware" and version "1.04"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-1130l Search vendor "Dlink" for product "Dcs-1130l"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-1100 Firmware Search vendor "Dlink" for product "Dcs-1100 Firmware"	1.03 Search vendor "Dlink" for product "Dcs-1100 Firmware" and version "1.03"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-1100 Search vendor "Dlink" for product "Dcs-1100"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-1100 Firmware Search vendor "Dlink" for product "Dcs-1100 Firmware"	1.04 Search vendor "Dlink" for product "Dcs-1100 Firmware" and version "1.04"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-1100 Search vendor "Dlink" for product "Dcs-1100"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-1130 Firmware Search vendor "Dlink" for product "Dcs-1130 Firmware"	1.03 Search vendor "Dlink" for product "Dcs-1130 Firmware" and version "1.03"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-1130 Search vendor "Dlink" for product "Dcs-1130"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-1130 Firmware Search vendor "Dlink" for product "Dcs-1130 Firmware"	1.04 Search vendor "Dlink" for product "Dcs-1130 Firmware" and version "1.04"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-1130 Search vendor "Dlink" for product "Dcs-1130"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-2102 Firmware Search vendor "Dlink" for product "Dcs-2102 Firmware"	1.05 Search vendor "Dlink" for product "Dcs-2102 Firmware" and version "1.05"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-2102 Search vendor "Dlink" for product "Dcs-2102"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-2102 Firmware Search vendor "Dlink" for product "Dcs-2102 Firmware"	1.06 Search vendor "Dlink" for product "Dcs-2102 Firmware" and version "1.06"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-2102 Search vendor "Dlink" for product "Dcs-2102"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-2121 Firmware Search vendor "Dlink" for product "Dcs-2121 Firmware"	1.05 Search vendor "Dlink" for product "Dcs-2121 Firmware" and version "1.05"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-2121 Search vendor "Dlink" for product "Dcs-2121"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-2121 Firmware Search vendor "Dlink" for product "Dcs-2121 Firmware"	1.06 Search vendor "Dlink" for product "Dcs-2121 Firmware" and version "1.06"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-2121 Search vendor "Dlink" for product "Dcs-2121"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-3410 Firmware Search vendor "Dlink" for product "Dcs-3410 Firmware"	1.02 Search vendor "Dlink" for product "Dcs-3410 Firmware" and version "1.02"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-3410 Search vendor "Dlink" for product "Dcs-3410"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-5230 Firmware Search vendor "Dlink" for product "Dcs-5230 Firmware"	1.02 Search vendor "Dlink" for product "Dcs-5230 Firmware" and version "1.02"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-5230 Search vendor "Dlink" for product "Dcs-5230"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-5230l Firmware Search vendor "Dlink" for product "Dcs-5230l Firmware"	1.02 Search vendor "Dlink" for product "Dcs-5230l Firmware" and version "1.02"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-5230l Search vendor "Dlink" for product "Dcs-5230l"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-6410 Firmware Search vendor "Dlink" for product "Dcs-6410 Firmware"	1.00 Search vendor "Dlink" for product "Dcs-6410 Firmware" and version "1.00"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-6410 Search vendor "Dlink" for product "Dcs-6410"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-7410 Firmware Search vendor "Dlink" for product "Dcs-7410 Firmware"	1.00 Search vendor "Dlink" for product "Dcs-7410 Firmware" and version "1.00"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-7410 Search vendor "Dlink" for product "Dcs-7410"	-	-	Safe
Dlink Search vendor "Dlink"	Dcs-7510 Firmware Search vendor "Dlink" for product "Dcs-7510 Firmware"	1.00 Search vendor "Dlink" for product "Dcs-7510 Firmware" and version "1.00"	-	Affected	in	Dlink Search vendor "Dlink"	Dcs-7510 Search vendor "Dlink" for product "Dcs-7510"	-	-	Safe
Dlink Search vendor "Dlink"	Wcs-1100 Firmware Search vendor "Dlink" for product "Wcs-1100 Firmware"	1.00 Search vendor "Dlink" for product "Wcs-1100 Firmware" and version "1.00"	-	Affected	in	Dlink Search vendor "Dlink"	Wcs-1100 Search vendor "Dlink" for product "Wcs-1100"	-	-	Safe