D-Link Camera – Qualys ThreatPROTECT

D-Link Network Camera DCS-936L Weak CSRF Protection Vulnerability

Posted by Kapil Khot on November 12, 2017November 12, 2017

It was a few months ago while working with D-Link on another issue, I was provided with D-Link network camera, DCS-936L. According to D-Link this is a current and most popular product. This device was shipped with latest firmware, version 1.02.01 which had CSRF protection. My goal was to check if this CSRF protection could be … Continue reading “D-Link Network Camera DCS-936L Weak CSRF Protection Vulnerability”

D-Link DCS Series Network Cameras Cross-Site-Request-Forgery (CSRF) Vulnerability

Posted by Kapil Khot on April 23, 2017April 23, 2017

On a recent long weekend, my friend told me about the D-Link camera he’s been using for quite a while. It’s a D-Link DCS-933L network camera which seems to be most popular. At the time of writing this blog there were more than 30000 cameras online. I downloaded the latest firmware for this device. While … Continue reading “D-Link DCS Series Network Cameras Cross-Site-Request-Forgery (CSRF) Vulnerability”