How severe is CVE-2017-8405?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2017-8405?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2017-8405 - HIGH Severity | CVSS 7.5

Vulnerability Description

An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary loads at address 0x00012CF4 a flag called "Authenticate" that indicates whether a user should be authenticated or not before allowing access to the video feed. By default, the value for this flag is zero and can be set/unset using the HTTP interface and network settings tab as shown below. The device requires that a user logging to the HTTP management interface of the device to provide a valid username and password. However, the device does not enforce the same restriction by default on RTSP URL due to the checkbox unchecked by default, thereby allowing any attacker in possession of external IP address of the camera to view the live video feed. The severity of this attack is enlarged by the fact that there more than 100,000 D-Link devices out there.

Related Vulnerabilities

CVE-2002-2438

HIGH

CVSS:7.5(High)

TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.

CWE-2872002

CVE-2009-0130

HIGH

CVSS:7.5(High)

lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value from the OpenSSL DSA_do_verify function, which might allow remote attackers to bypass validation of the certificate cha...

CWE-2872009

CVE-2011-2054

HIGH

CVSS:7.5(High)

A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is ...

CWE-2872011

CVE-2012-3824

HIGH

CVSS:7.5(High)

In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible without authentication or authorization.

CWE-2872012

CVE-2013-1391

HIGH

CVSS:7.5(High)

Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configu...

CWE-2872013

CVE-2013-2569

HIGH

CVSS:7.5(High)

A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to...

CWE-2872013