Skip to main content

Dcs 6010L Firmware

2 CVEs product

Monthly

CVE-2025-8155 LOW Monitor

Cross-site scripting (XSS) vulnerability in D-Link DCS-6010L firmware 1.15.03 allows authenticated remote attackers to inject malicious scripts via the paratest argument in the Management Application's /vb.htm endpoint. The vulnerability requires user interaction (UI:P) and affects an end-of-life product with publicly available exploit code, though real-world risk is significantly limited by authentication requirement (PR:L) and very low EPSS score (0.05%).

XSS D-Link Dcs 6010L Firmware
NVD VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2017-7852 HIGH POC This Week

D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF D-Link Dcs 2230L Firmware Dcs 2310L Firmware Dcs 2332L Firmware +23
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.5%
EPSS 0% CVSS 2.0
LOW Monitor

Cross-site scripting (XSS) vulnerability in D-Link DCS-6010L firmware 1.15.03 allows authenticated remote attackers to inject malicious scripts via the paratest argument in the Management Application's /vb.htm endpoint. The vulnerability requires user interaction (UI:P) and affects an end-of-life product with publicly available exploit code, though real-world risk is significantly limited by authentication requirement (PR:L) and very low EPSS score (0.05%).

XSS D-Link Dcs 6010L Firmware
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF D-Link Dcs 2230L Firmware +25
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy