CVE-2018-18442
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks. An attacker can harm the device availability (i.e., live-online video/audio streaming) by using the hping3 tool to perform an IPv4 flood attack. Verified attacks includes SYN flooding, UDP flooding, ICMP flooding, and SYN-ACK flooding.
Los dispositivos D-Link DCS-825L con firmware en versión 1.08 no emplean un mecanismo adecuado para evitar ataques de denegación de servicio (DoS). Un atacante puede dañar la disponibilidad del dispositivo (como la transmisión de vídeo/audio en directo online) mediante el uso de la herramienta hping3 para realizar un ataque de inundación IPv4. Los ataques verificados incluyen la inundación SYN, UDP, ICMP y SYN-ACK.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-10-17 CVE Reserved
- 2018-12-20 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-10-29 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| D-link Search vendor "D-link" | Dcs-825l Firmware Search vendor "D-link" for product "Dcs-825l Firmware" | 1.08 Search vendor "D-link" for product "Dcs-825l Firmware" and version "1.08" | - |
Affected
| in | Dlink Search vendor "Dlink" | Dcs-825l Search vendor "Dlink" for product "Dcs-825l" | - | - |
Safe
|