CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-11564

The D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has multiple command injection vulnerabilities in the web service framework. An attacker can forge malicious HTTP requests to execute commands; authentication is required before executing the attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.026

EPSS Ranking 84.9%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

http://seclists.org/fulldisclosure/2018/Aug/19
https://documents.trendmicro.com/assets/tech_brief_Device_Vulnerabilities_in_the_Connected_Home2.pdf
http://seclists.org/fulldisclosure/2018/Aug/19
https://documents.trendmicro.com/assets/tech_brief_Device_Vulnerabilities_in_the_Connected_Home2.pdf

Products affected by CVE-2017-11564

Dlink » Eyeon Baby Monitor » Version: N/A

cpe:2.3:h:dlink:eyeon_baby_monitor:-
Dlink » Eyeon Baby Monitor Firmware » Version: 1.08.1

cpe:2.3:o:dlink:eyeon_baby_monitor_firmware:1.08.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-11564

Products

Pricing

Contact Us