CVE-2017-7852 — HIGH (8.8) — White Hats Nepal

Q: How severe is CVE-2017-7852?

CVE-2017-7852 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-7852?

Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dcs-2230L Firmware, Dlink Dcs-2230L, Dlink Dcs-2310L Firmware, Dlink Dcs-2310L, Dlink Dcs-2332L Firmware.

Vulnerability Description

D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from any domain. If a victim logged into the camera's web console visits a malicious site hosting a malicious Flash file from another Browser tab, the malicious Flash file then can send requests to the victim's DCS series Camera without knowing the credentials. An attacker can host a malicious Flash file that can retrieve Live Feeds or information from the victim's DCS series Camera, add new admin users, or make other changes to the device. Known affected devices are DCS-933L with firmware before 1.13.05, DCS-5030L, DCS-5020L, DCS-2530L, DCS-2630L, DCS-930L, DCS-932L, and DCS-932LB1.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Dlink	Dcs-2230L Firmware	<= 1.03.01
Dlink	Dcs-2230L	-
Dlink	Dcs-2310L Firmware	<= 1.08.01
Dlink	Dcs-2310L	-
Dlink	Dcs-2332L Firmware	<= 1.08.01
Dlink	Dcs-2332L	-
Dlink	Dcs-6010L Firmware	<= 1.15.01
Dlink	Dcs-6010L	-
Dlink	Dcs-7010L Firmware	<= 1.08.01
Dlink	Dcs-7010L	-
Dlink	Dcs-2530L Firmware	<= 1.00.21
Dlink	Dcs-2530L	-
Dlink	Dcs-930L Firmware	<= 1.15.04
Dlink	Dcs-930L	-
Dlink	Dcs-932L Firmware	<= 1.13.04
Dlink	Dcs-932L	-
Dlink	Dcs-934L Firmware	<= 1.04.15
Dlink	Dcs-934L	-
Dlink	Dcs-942L Firmware	<= 1.27
Dlink	Dcs-942L	-

Related Weaknesses (CWE)

CWE-352

References

https://www.qualys.com/2017/02/22/qsa-2017-02-22/qsa-2017-02-22.pdfExploitMitigationThird Party Advisory
https://www.qualys.com/2017/02/22/qsa-2017-02-22/qsa-2017-02-22.pdfExploitMitigationThird Party Advisory

FAQ

What is CVE-2017-7852?

CVE-2017-7852 is a vulnerability with a CVSS score of 8.8 (HIGH). D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the '...

How severe is CVE-2017-7852?

CVE-2017-7852 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-7852?

Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dcs-2230L Firmware, Dlink Dcs-2230L, Dlink Dcs-2310L Firmware, Dlink Dcs-2310L, Dlink Dcs-2332L Firmware.