CVE-2012-4046
D-Link DCS-932L Firmware 1.02 - Unauthenticated Password Exposure via UDP Broadcast Packet
Title source: llmDescription
The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046
Mailing List mailing-list
x_refsource_bugtraq
http://seclists.org/bugtraq/2012/Dec/98
Scores
EPSS
0.0005
EPSS Percentile
16.6%
Details
CWE
CWE-200
Status
published
Products (2)
dlink/dcs-932l
dlink/dcs-932l_firmware
1.02
Published
Dec 24, 2012
Tracked Since
Feb 18, 2026