Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4046

Overview

Vulnerability Score 3.3 3.3
CVE Id CVE-2012-4046
Last Modified 18 Mar 2015 12:55:53
Published 24 Dec 2012 01:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4046

Summary

The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value.

Vulnerable Systems

Operating System

  • D-link Dcs-932l Camera Firmware 1.02

  • D-link Dcs-932l Firmware 1.02


References

MISC - http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046

BUGTRAQ - 20121213 Password Disclosure in D-Link IP Cameras (CVE-2012-4046)


Last Updated: 27 May 2016 10:49:52