{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-11-05T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The configuration file include the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-12-20T21:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-18441", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The configuration file include the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/", "refsource": "MISC", "url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T11:08:21.874Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-18441", "datePublished": "2018-12-20T22:00:00.000Z", "dateReserved": "2018-10-17T00:00:00.000Z", "dateUpdated": "2024-08-05T11:08:21.874Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-936l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B7BA11A-3EA2-4B51-9F1D-CA490309B8F6", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-936l:-:*:*:*:*:*:*:*", "matchCriteriaId": "28203D6B-3BAD-4317-A43E-FB4F7DF6EB6C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-942l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4F19A9B-F477-4288-A4B6-039769204C90", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-942l:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D04A473-87F2-4B8C-8FBF-BC02CF0DA8FD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-8000lh_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "800EE948-8756-46AD-9B05-7092A87216E0", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-8000lh:-:*:*:*:*:*:*:*", "matchCriteriaId": "C39037E2-5703-46C7-AA44-7E8E8FE1DE62", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-942lb1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D1998AD-B8E2-4725-B50B-86D189DE0442", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-942lb1:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED97B580-A1FF-4207-91E2-8B0DAA6B2277", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-5222l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D6125BC-025C-4407-AC47-414821DB33B1", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-5222l:-:*:*:*:*:*:*:*", "matchCriteriaId": "97C4B9CD-6029-4B92-8785-1349292EDD69", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-825l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E470C8A-9980-4EDD-B3D1-7B9C93714918", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-825l:-:*:*:*:*:*:*:*", "matchCriteriaId": "465C691A-5068-474F-9BCF-D3CD99388EE4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-2630l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BEF7F10E-CF1D-4C38-B8C1-F987AFAF77EB", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-2630l:-:*:*:*:*:*:*:*", "matchCriteriaId": "E09D0791-AAE2-4D42-A52D-D8755664BC4A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-820l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7A0520A-9E40-45B0-89FE-D0139D0EFFD9", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-820l:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9D9AF38-6CC7-4651-97E7-7E26583021B8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-855l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E40374D0-6021-4AF0-946C-CDC556686768", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-855l:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C3B756F-053B-43F1-B94E-F02E4B6CFB4C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-2121_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB9A5A20-FD4F-4837-A76B-873EF2C24D0D", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-2121:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC1DE485-2705-4394-BC93-0BE99FE02F12", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-5222lb1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "68180870-7D72-44E2-AE93-DC7FD03E38C2", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-5222lb1:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5C226B9-0C16-46D2-B169-33D500BFF726", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-5020l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "75848042-1899-41AB-AF25-735F78F91BBA", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-5020l:-:*:*:*:*:*:*:*", "matchCriteriaId": "B00912CC-6F2F-4F13-BED1-0DCD4DF965DB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-930l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6866E6F-BBD2-4C46-8621-466147D0A1B2", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-930l:-:*:*:*:*:*:*:*", "matchCriteriaId": "F24CD425-B7C1-4828-AC1A-1A72A3559746", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-8100lh_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3CD73EB3-82E4-4F47-B4CD-EE71714BC0F0", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-8100lh:-:*:*:*:*:*:*:*", "matchCriteriaId": "92B26777-214B-47D8-82F9-FFFF200D2228", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-932l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "214CB888-1F26-4DB2-B1E7-4CBCB9F71942", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-932l:-:*:*:*:*:*:*:*", "matchCriteriaId": "34775D9A-F16B-43C5-A8F4-88C0F9760364", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-2102_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA2B7033-E82D-42C9-BB5F-F32F2E0E4926", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-2102:-:*:*:*:*:*:*:*", "matchCriteriaId": "78CD04CA-964A-4D74-B30E-7DC53E1858B6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-942lb1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D1998AD-B8E2-4725-B50B-86D189DE0442", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-942lb1:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED97B580-A1FF-4207-91E2-8B0DAA6B2277", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-933l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0D43CDA-07AF-41D6-A0DC-A1F550F87901", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-933l:-:*:*:*:*:*:*:*", "matchCriteriaId": "414352B6-6760-4D78-91FC-5198F62981E9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-5030l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A01A5E49-6B5E-4CC5-A4FA-A2E52F31C9BA", "versionStartIncluding": "1.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-5030l:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BC9A416-A780-4532-8221-5674A7911198", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The configuration file include the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings."}, {"lang": "es", "value": "Las c\u00e1maras Wi-Fi D-Link Serie DCS exponen informaci\u00f3n sensible relacionada con la configuraci\u00f3n del dispositivo. Los dispositivos afectados incluyen muchos de la serie DCS como: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L y muchos m\u00e1s. Hay muchas versiones de firmware afectadas, comenzando por la 1.00 y siguientes. Se puede acceder de forma remota al archivo de configuraci\u00f3n mediante: Camera-IP/common/info.cgi, sin autenticaci\u00f3n. El archivo de configuraci\u00f3n incluye los siguientes campos: modelo, producto, marca, versi\u00f3n, build, versi\u00f3n de hardware, versi\u00f3n de nipca, nombre del dispositivo, ubicaci\u00f3n, direcci\u00f3n MAC, direcci\u00f3n IP, direcci\u00f3n IP de la puerta de enlace, estado inal\u00e1mbrico, opciones de entrada/salida, altavoz y opciones del sensor."}], "id": "CVE-2018-18441", "lastModified": "2024-11-21T03:55:56.640", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-12-20T23:29:00.707", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}