Skip to main content

Dcs 932l Firmware CVE-2021-41504

HIGH
2021-09-24 cve@mitre.org
8.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.0 HIGH
AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 24, 2021 - 20:15 nvd
HIGH 8.0

DescriptionNVD

An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

AnalysisAI

An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer Affected products include: Dlink Dcs-932L Firmware, Dlink Dcs-5000L Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2017-7852 HIGH POC
8.8 Apr 24

D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access

CVE-2025-5572 HIGH POC
8.8 Jun 04

A critical stack-based buffer overflow vulnerability exists in D-Link DCS-932L camera firmware version 2.18.01 in the se

CVE-2019-10999 HIGH POC
8.8 May 06

The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. Rated

CVE-2018-18441 HIGH POC
7.5 Dec 20

D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. Rated high severity (CV

CVE-2025-5573 MEDIUM POC
6.3 Jun 04

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the funct

CVE-2025-5571 MEDIUM POC
6.3 Jun 04

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSy

CVE-2021-41503 HIGH
8.0 Sep 24

DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. Rated high severity (CVSS 8.0), th

CVE-2024-37606 MEDIUM
6.5 Dec 17

A Stack overflow vulnerability in D-Link DCS-932L REVB_FIRMWARE_2.18.01 allows attackers to cause a Denial of Service (D

CVE-2012-4046 LOW
3.3 Dec 24

The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packe

CVE-2025-4843 HIGH POC
8.7 May 18

A vulnerability was found in D-Link DCS-932L 2.18.01. Rated high severity (CVSS 8.7), this vulnerability is remotely exp

CVE-2025-4842 HIGH POC
8.7 May 17

A vulnerability was found in D-Link DCS-932L 2.18.01. Rated high severity (CVSS 8.7), this vulnerability is remotely exp

CVE-2025-4841 HIGH POC
8.7 May 17

A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Rated high severity (CVSS 8.7), this vu

Share

CVE-2021-41504 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy