Security for everyone

CVE-2020-25078 Scanner

Detects 'Credential Disclosure' vulnerability in D-Link DCS-2530L and DCS-2670L affects v. DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02.

SCAN NOW

Short Info


Level

High

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Url

Parent Category

CVE-2020-25078 Scanner Detail

D-Link DCS-2530L and DCS-2670L are wireless indoor/outdoor surveillance cameras designed to enhance the security of commercial and residential properties. These devices feature 180-degree wide-angle views, Wi-Fi connectivity, motion detection, and high-quality video resolution for optimal coverage and surveillance.

Recently, a vulnerability has been detected in these devices, indicating that the unauthenticated /config/getuser endpoint can allow remote administrator password disclosure. This vulnerability, labeled CVE-2020-25078, puts the privacy and security of the surveillance camera users at risk, as it can be exploited by unauthorized individuals to gain access to confidential information.

If exploited, this vulnerability can allow hackers to discover the remote administrator password and access the surveillance camera without any authentication. Hackers can gain full control of the device, access live footage, tamper with the settings, and even turn off the device's security features. This can lead to the leakage of sensitive information, illegal surveillance, and unauthorized access to the property.

Thanks to the professional features of the securityforeveryone.com platform, readers can easily and quickly learn about vulnerabilities in their digital assets. Through the platform, users can identify vulnerabilities within their assets, develop an efficient remediation plan, and improve their overall security posture, ensuring a safe digital environment.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture