Computer Security
[EN] no-pyccku

Related information

  D-Link DCS-2103 security vulnerabilities

  AoF ana CSRF vulnerabilities in D-Link DCS-2103

  CSRF and XSS vulnerabilities in D-Link DCS-2103

  BF and XSS vulnerabilities in D-Link DCS-2103

From:MustLive <mustlive_(at)>
Subject:Vulnerabilities in D-Link DCS-2103

Hello 3APA3A!

There are Directory Traversal and Full path disclosure vulnerabilities in D-Link DCS-2103 (IP camera).

Affected products:

Vulnerable is the next model: D-Link DCS-2103, Firmware 1.0.0. This model with other firmware versions also must be vulnerable.

I found these vulnerabilities at 11.07.2014 and later informed D-Link. But they haven't answered. It looks like they are busy with fixing vulnerabilities in DAP-1360, which I wrote about earlier.


Directory Traversal (Arbitrary File Download) (WASC-33):


Full path disclosure (WASC-13):



I disclosed these vulnerabilities at my site (

I found this and other web cameras during summer to watch terrorists activities in Donetsk and Lugansks regions of Ukraine (
). You can watch my videos in the playlist Ukrainian Cyber Forces: video reconnaissance

Best wishes & regards,
Administrator of Websecurity web site

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod