Intrusion Prevention

D-Link.IP.Camera.Luminance.Information.Disclosure

Description

This indicates an attack attempt to exploit a Information Disclosure vulnerability in D-Link IP Cameras.
The vulnerability is caused by a lack of sanitizing of access to "lums.cgi". It may remote attackers to gain the ASCII output of the live video stream.

Affected Products

DCS-3411/3430 - v1.02
DCS-5605/5635 - v1.01
DCS-1100L/1130L - v1.04
DCS-1100/1130 - v1.03
DCS-1100/1130 - v1.04_US
DCS-2102/2121 - v1.05_RU
DCS-2102/2121 - v1.06
DCS-2102/2121 - v1.06_FR
TESCO DCS-2102/2121 - v1.05_TESCO
DCS-3410 - v1.02
DCS-5230 - v1.02
DCS-5230L - v1.02
DCS-6410 - v1.00
DCS-7410 - v1.00
DCS-7510 - v1.00
WCS-1100 - v1.02

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.dlink.com/us/en/support

CVE References

CVE-2013-1601