Sign-up

ID

VAR-200408-0226


CVE

CVE-2004-1650


TITLE

D-Link Securicam Network DCS-900 Internet Camera Remote Configuration Vulnerability

Trust: 0.9

sources: BID: 11072 // CNNVD: CNNVD-200408-238

DESCRIPTION

D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the IP address of the camera via a UDP broadcast packet. D-Link Securicam Network DCS-900 Internet Camera is reportedly affected by a remote configuration vulnerability. An attacker may leverage this issue to hijack the vulnerable camera, ultimately triggering a denial of service condition, as the unsuspecting user will be unable to connect to the device without having its IP address

Trust: 1.26

sources: NVD: CVE-2004-1650 // BID: 11072 // VULHUB: VHN-10080

AFFECTED PRODUCTS

vendor:d linkmodel:dcs-900 internet camerascope:eqversion:2.28

Trust: 1.9

vendor:d linkmodel:dcs-900 internet camerascope:eqversion:2.20

Trust: 1.9

vendor:d linkmodel:dcs-900 internet camerascope:eqversion:2.10

Trust: 1.9

sources: BID: 11072 // CNNVD: CNNVD-200408-238 // NVD: CVE-2004-1650

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-1650
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200408-238
value: HIGH

Trust: 0.6

VULHUB: VHN-10080
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-1650
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-10080
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-10080 // CNNVD: CNNVD-200408-238 // NVD: CVE-2004-1650

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1650

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200408-238

TYPE

Design Error

Trust: 0.9

sources: BID: 11072 // CNNVD: CNNVD-200408-238

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-10080

EXTERNAL IDS
db:NVDid:CVE-2004-1650
Trust: 2.0
db:BIDid:11072
Trust: 2.0
db:SECTRACKid:1011100
Trust: 1.7
db:SECUNIAid:12425
Trust: 1.7
db:CNNVDid:CNNVD-200408-238
Trust: 0.7
db:XFid:17171
Trust: 0.6
db:XFid:900
Trust: 0.6
db:BUGTRAQid:20040831 D-LINK DCS-900 IP CAMERA REMOTE EXPLOIT THAT CHANGE THE IP
Trust: 0.6
db:EXPLOIT-DBid:425
Trust: 0.1
db:VULHUBid:VHN-10080
Trust: 0.1
sources:
            
            
            VULHUB: VHN-10080 // 
            
            
            
            BID: 11072 // 
            
            
            
            CNNVD: CNNVD-200408-238 // 
            
            
            
            NVD: CVE-2004-1650

REFERENCES
url:http://www.securityfocus.com/bid/11072
Trust: 1.7
url:http://securitytracker.com/id?1011100
Trust: 1.7
url:http://secunia.com/advisories/12425
Trust: 1.7
url:http://miscname.com/public/dcs-900/
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/17171
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=109396893820049&w=2
Trust: 1.0
url:http://xforce.iss.net/xforce/xfdb/17171
Trust: 0.6
url:http://marc.theaimsgroup.com/?l=bugtraq&m=109396893820049&w=2
Trust: 0.6
url:http://www.dlink.com/products/?pid=270
Trust: 0.3
url:/archive/1/373527
Trust: 0.3
url:http://marc.info/?l=bugtraq&m=109396893820049&w=2
Trust: 0.1
sources:
            
            
            VULHUB: VHN-10080 // 
            
            
            
            BID: 11072 // 
            
            
            
            CNNVD: CNNVD-200408-238 // 
            
            
            
            NVD: CVE-2004-1650

CREDITS
The individual responsible for discovery of this issue is currently unknown.
Trust: 0.9
sources:
            
            
            BID: 11072 // 
            
            
            
            CNNVD: CNNVD-200408-238

SOURCES
db:VULHUBid:VHN-10080
db:BIDid:11072
db:CNNVDid:CNNVD-200408-238
db:NVDid:CVE-2004-1650

LAST UPDATE DATE
2024-08-14T13:51:16.051000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-10080date:2017-07-11T00:00:00
db:BIDid:11072date:2009-07-12T06:17:00
db:CNNVDid:CNNVD-200408-238date:2005-10-20T00:00:00
db:NVDid:CVE-2004-1650date:2017-07-11T01:31:13.497

SOURCES RELEASE DATE
db:VULHUBid:VHN-10080date:2004-08-31T00:00:00
db:BIDid:11072date:2004-08-31T00:00:00
db:CNNVDid:CNNVD-200408-238date:2004-08-31T00:00:00
db:NVDid:CVE-2004-1650date:2004-08-31T04:00:00