Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-11564 | 1 Dlink | 2 Eyeon Baby Monitor, Eyeon Baby Monitor Firmware | 2019-10-02 | 9.0 HIGH | 8.8 HIGH |
The D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has multiple command injection vulnerabilities in the web service framework. An attacker can forge malicious HTTP requests to execute commands; authentication is required before executing the attack. | |||||
CVE-2017-11563 | 1 Dlink | 2 Eyeon Baby Monitor, Eyeon Baby Monitor Firmware | 2018-11-02 | 10.0 HIGH | 9.8 CRITICAL |
D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has a remote code execution vulnerability. A UDP "Discover" service, which provides multiple functions such as changing the passwords and getting basic information, was installed on the device. A remote attacker can send a crafted UDP request to finderd to perform stack overflow and execute arbitrary code with root privilege on the device. |