Vulnerability Details CVE-2018-18441
D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The configuration file include the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2018-18441
-
cpe:2.3:h:dlink:dcs-2102:-
-
cpe:2.3:h:dlink:dcs-2121:-
-
cpe:2.3:h:dlink:dcs-2630l:-
-
cpe:2.3:h:dlink:dcs-5020l:-
-
cpe:2.3:h:dlink:dcs-5030l:-
-
cpe:2.3:h:dlink:dcs-5222l:-
-
cpe:2.3:h:dlink:dcs-5222lb1:-
-
cpe:2.3:h:dlink:dcs-8000lh:-
-
cpe:2.3:h:dlink:dcs-8100lh:-
-
cpe:2.3:h:dlink:dcs-820l:-
-
cpe:2.3:h:dlink:dcs-825l:-
-
cpe:2.3:h:dlink:dcs-855l:-
-
cpe:2.3:h:dlink:dcs-930l:-
-
cpe:2.3:h:dlink:dcs-932l:-
-
cpe:2.3:h:dlink:dcs-933l:-
-
cpe:2.3:h:dlink:dcs-936l:-
-
cpe:2.3:h:dlink:dcs-942l:-
-
cpe:2.3:h:dlink:dcs-942lb1:-
-
cpe:2.3:o:d-link:dcs-2102_firmware:*
-
cpe:2.3:o:d-link:dcs-2121_firmware:*
-
cpe:2.3:o:d-link:dcs-2630l_firmware:*
-
cpe:2.3:o:d-link:dcs-5222l_firmware:*
-
cpe:2.3:o:d-link:dcs-5222lb1_firmware:*
-
cpe:2.3:o:d-link:dcs-8000lh_firmware:*
-
cpe:2.3:o:d-link:dcs-8100lh_firmware:*
-
cpe:2.3:o:d-link:dcs-820l_firmware:*
-
cpe:2.3:o:d-link:dcs-825l_firmware:*
-
cpe:2.3:o:d-link:dcs-855l_firmware:*
-
cpe:2.3:o:d-link:dcs-936l_firmware:*
-
cpe:2.3:o:d-link:dcs-942lb1_firmware:*
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.00
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.02
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.04
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.05
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.06
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.08
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.09
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.13.05
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.14
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.14.09
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.15.12
-
cpe:2.3:o:dlink:dcs-5020l_firmware:1.27
-
cpe:2.3:o:dlink:dcs-5020l_firmware:2.12
-
cpe:2.3:o:dlink:dcs-5020l_firmware:2.14
-
cpe:2.3:o:dlink:dcs-5020l_firmware:2.16
-
cpe:2.3:o:dlink:dcs-5020l_firmware:2.17
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.00
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.01.06
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.02
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.04
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.04.10
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.05
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.06
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.08
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.09
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.14
-
cpe:2.3:o:dlink:dcs-5030l_firmware:1.27
-
cpe:2.3:o:dlink:dcs-5030l_firmware:2.12
-
cpe:2.3:o:dlink:dcs-5030l_firmware:2.14
-
cpe:2.3:o:dlink:dcs-5030l_firmware:2.16
-
cpe:2.3:o:dlink:dcs-5030l_firmware:2.17
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.00
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.02
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.04
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.05
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.06
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.08
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.09
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.12.03
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.14
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.14.02
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.15.04
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.16.04
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.27
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.01
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.12
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.13.15
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.14
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.14.04
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.15.6
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.16
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.16.01
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.17
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.17.03
-
cpe:2.3:o:dlink:dcs-932l_firmware:1.00
-
cpe:2.3:o:dlink:dcs-932l_firmware:1.02
-
cpe:2.3:o:dlink:dcs-932l_firmware:1.04
-
cpe:2.3:o:dlink:dcs-932l_firmware:1.05
-
cpe:2.3:o:dlink:dcs-932l_firmware:1.06
-
cpe:2.3:o:dlink:dcs-932l_firmware:1.08
-
cpe:2.3:o:dlink:dcs-932l_firmware:1.09
-
cpe:2.3:o:dlink:dcs-932l_firmware:1.13.04
-
cpe:2.3:o:dlink:dcs-932l_firmware:1.14
-
cpe:2.3:o:dlink:dcs-932l_firmware:1.27
-
cpe:2.3:o:dlink:dcs-932l_firmware:2.12
-
cpe:2.3:o:dlink:dcs-932l_firmware:2.13.15
-
cpe:2.3:o:dlink:dcs-932l_firmware:2.14
-
cpe:2.3:o:dlink:dcs-932l_firmware:2.16
-
cpe:2.3:o:dlink:dcs-932l_firmware:2.17
-
cpe:2.3:o:dlink:dcs-932l_firmware:2.17.01
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.00
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.02
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.04
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.05
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.06
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.08
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.09
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.13.05
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.14
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.14.11
-
cpe:2.3:o:dlink:dcs-933l_firmware:1.27
-
cpe:2.3:o:dlink:dcs-933l_firmware:2.12
-
cpe:2.3:o:dlink:dcs-933l_firmware:2.14
-
cpe:2.3:o:dlink:dcs-933l_firmware:2.16
-
cpe:2.3:o:dlink:dcs-933l_firmware:2.17
-
cpe:2.3:o:dlink:dcs-942l_firmware:1.00
-
cpe:2.3:o:dlink:dcs-942l_firmware:1.02
-
cpe:2.3:o:dlink:dcs-942l_firmware:1.04
-
cpe:2.3:o:dlink:dcs-942l_firmware:1.05
-
cpe:2.3:o:dlink:dcs-942l_firmware:1.06
-
cpe:2.3:o:dlink:dcs-942l_firmware:1.08
-
cpe:2.3:o:dlink:dcs-942l_firmware:1.09
-
cpe:2.3:o:dlink:dcs-942l_firmware:1.14
-
cpe:2.3:o:dlink:dcs-942l_firmware:1.27
-
cpe:2.3:o:dlink:dcs-942l_firmware:2.11.03
-
cpe:2.3:o:dlink:dcs-942l_firmware:2.12
-
cpe:2.3:o:dlink:dcs-942l_firmware:2.14
-
cpe:2.3:o:dlink:dcs-942l_firmware:2.16
-
cpe:2.3:o:dlink:dcs-942l_firmware:2.17