Vulnerability Description
/etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 configures a hardcoded password of admin for the root account, which makes it easier for remote attackers to obtain shell access by leveraging a running telnetd server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dcs-2121 Firmware | 1.04 |
| Dlink | Dcs-2121 | All versions |
Related Weaknesses (CWE)
References
- http://newsoft-tech.blogspot.com/2010/09/d-link-dcs-2121-and-state-of-embedded.hExploit
- http://newsoft-tech.blogspot.com/2010/09/d-link-dcs-2121-and-state-of-embedded.hExploit
FAQ
What is CVE-2010-4965?
CVE-2010-4965 is a vulnerability with a CVSS score of 9.0 (HIGH). /etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 configures a hardcoded password of admin for the root account, which makes it easier for remote attackers to obtain shell access by ...
How severe is CVE-2010-4965?
CVE-2010-4965 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-4965?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dcs-2121 Firmware, Dlink Dcs-2121.