Vulnerability Description
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dcs-3411 Firmware | 1.02 |
| Dlink | Dcs-3411 | - |
| Dlink | Dcs-3430 Firmware | 1.02 |
| Dlink | Dcs-3430 | - |
| Dlink | Dcs-5605 Firmware | 1.01 |
| Dlink | Dcs-5605 | - |
| Dlink | Dcs-5635 Firmware | 1.01 |
| Dlink | Dcs-5635 | - |
| Dlink | Dcs-1100L Firmware | 1.04 |
| Dlink | Dcs-1100L | - |
| Dlink | Dcs-1130L Firmware | 1.04 |
| Dlink | Dcs-1130L | - |
| Dlink | Dcs-1100 Firmware | 1.03 |
| Dlink | Dcs-1100 | - |
| Dlink | Dcs-1130 Firmware | 1.03 |
| Dlink | Dcs-1130 | - |
| Dlink | Dcs-2102 Firmware | 1.05 |
| Dlink | Dcs-2102 | - |
| Dlink | Dcs-2121 Firmware | 1.05 |
| Dlink | Dcs-2121 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/59571Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/83940Third Party AdvisoryVDB Entry
- https://packetstormsecurity.com/files/cve/CVE-2013-1603Third Party AdvisoryVDB Entry
- https://vuldb.com/?id.8575Permissions Required
- https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilitiExploitThird Party Advisory
- http://www.securityfocus.com/bid/59571Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/83940Third Party AdvisoryVDB Entry
- https://packetstormsecurity.com/files/cve/CVE-2013-1603Third Party AdvisoryVDB Entry
- https://vuldb.com/?id.8575Permissions Required
- https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilitiExploitThird Party Advisory
FAQ
What is CVE-2013-1603?
CVE-2013-1603 is a vulnerability with a CVSS score of 5.3 (MEDIUM). An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-523...
How severe is CVE-2013-1603?
CVE-2013-1603 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1603?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dcs-3411 Firmware, Dlink Dcs-3411, Dlink Dcs-3430 Firmware, Dlink Dcs-3430, Dlink Dcs-5605 Firmware.