CVE-2018-18441

{"id": "CVE-2018-18441", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2018-12-20T23:29:00.707", "references": [{"url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The configuration file include the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings."}, {"lang": "es", "value": "Las c\u00e1maras Wi-Fi D-Link Serie DCS exponen informaci\u00f3n sensible relacionada con la configuraci\u00f3n del dispositivo. Los dispositivos afectados incluyen muchos de la serie DCS como: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L y muchos m\u00e1s. Hay muchas versiones de firmware afectadas, comenzando por la 1.00 y siguientes. Se puede acceder de forma remota al archivo de configuraci\u00f3n mediante: Camera-IP/common/info.cgi, sin autenticaci\u00f3n. El archivo de configuraci\u00f3n incluye los siguientes campos: modelo, producto, marca, versi\u00f3n, build, versi\u00f3n de hardware, versi\u00f3n de nipca, nombre del dispositivo, ubicaci\u00f3n, direcci\u00f3n MAC, direcci\u00f3n IP, direcci\u00f3n IP de la puerta de enlace, estado inal\u00e1mbrico, opciones de entrada/salida, altavoz y opciones del sensor."}], "lastModified": "2023-04-26T19:27:52.350", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-936l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B7BA11A-3EA2-4B51-9F1D-CA490309B8F6", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-936l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "28203D6B-3BAD-4317-A43E-FB4F7DF6EB6C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-942l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4F19A9B-F477-4288-A4B6-039769204C90", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-942l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7D04A473-87F2-4B8C-8FBF-BC02CF0DA8FD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-8000lh_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "800EE948-8756-46AD-9B05-7092A87216E0", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-8000lh:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C39037E2-5703-46C7-AA44-7E8E8FE1DE62"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-942lb1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D1998AD-B8E2-4725-B50B-86D189DE0442", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-942lb1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED97B580-A1FF-4207-91E2-8B0DAA6B2277"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-5222l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D6125BC-025C-4407-AC47-414821DB33B1", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-5222l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "97C4B9CD-6029-4B92-8785-1349292EDD69"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-825l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E470C8A-9980-4EDD-B3D1-7B9C93714918", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-825l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "465C691A-5068-474F-9BCF-D3CD99388EE4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-2630l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEF7F10E-CF1D-4C38-B8C1-F987AFAF77EB", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-2630l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E09D0791-AAE2-4D42-A52D-D8755664BC4A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-820l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7A0520A-9E40-45B0-89FE-D0139D0EFFD9", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-820l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E9D9AF38-6CC7-4651-97E7-7E26583021B8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-855l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E40374D0-6021-4AF0-946C-CDC556686768", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-855l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3C3B756F-053B-43F1-B94E-F02E4B6CFB4C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-2121_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB9A5A20-FD4F-4837-A76B-873EF2C24D0D", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-2121:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FC1DE485-2705-4394-BC93-0BE99FE02F12"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-5222lb1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68180870-7D72-44E2-AE93-DC7FD03E38C2", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-5222lb1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A5C226B9-0C16-46D2-B169-33D500BFF726"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-5020l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75848042-1899-41AB-AF25-735F78F91BBA", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-5020l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B00912CC-6F2F-4F13-BED1-0DCD4DF965DB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-930l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6866E6F-BBD2-4C46-8621-466147D0A1B2", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-930l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F24CD425-B7C1-4828-AC1A-1A72A3559746"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-8100lh_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CD73EB3-82E4-4F47-B4CD-EE71714BC0F0", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-8100lh:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "92B26777-214B-47D8-82F9-FFFF200D2228"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-932l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "214CB888-1F26-4DB2-B1E7-4CBCB9F71942", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-932l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "34775D9A-F16B-43C5-A8F4-88C0F9760364"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-2102_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA2B7033-E82D-42C9-BB5F-F32F2E0E4926", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-2102:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "78CD04CA-964A-4D74-B30E-7DC53E1858B6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dcs-942lb1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D1998AD-B8E2-4725-B50B-86D189DE0442", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-942lb1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED97B580-A1FF-4207-91E2-8B0DAA6B2277"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-933l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0D43CDA-07AF-41D6-A0DC-A1F550F87901", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-933l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "414352B6-6760-4D78-91FC-5198F62981E9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dcs-5030l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A01A5E49-6B5E-4CC5-A4FA-A2E52F31C9BA", "versionStartIncluding": "1.00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dcs-5030l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3BC9A416-A780-4532-8221-5674A7911198"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}