CVE-2018-7698

Published: Mar 5, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05.04 devices. The mydlink+ app sends the username and password for connected D-Link cameras (such as DCS-933L and DCS-934L) unencrypted from the app to the camera, allowing attackers to obtain these credentials and gain control of the camera including the ability to view the camera's stream and make changes without the user's knowledge.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://blog.nickleghorn.com/2019/06/16/d-link-security-cameras-using-mydlink-app-leak-passwords/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-7698

Description

Affected Products

References