Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Vulnerabilities in D-Link DCS-2530L IP Camera (CVE-2020-25078 and CVE-2020-25079)
Alerts

Vulnerabilities in D-Link DCS-2530L IP Camera (CVE-2020-25078 and CVE-2020-25079)

3 April 2021

SingCERT has received information on vulnerable D-Link DCS-2530L Internet Protocol (IP) cameras in Singapore.

These vulnerabilities are:
CVE-2020-25078 — Allows an unauthenticated attacker to gain access to the remote administrator password of the device.
CVE-2020-25079 — Allows authenticated users to inject and execute arbitrary system commands.

All versions prior to and including v1.05.05 are affected by these vulnerabilities. Users of the affected products are advised to upgrade to the latest firmware immediately.

The Cyber Security Agency of Singapore’s Cybersecurity Labelling Scheme for consumer smart devices, such as smart home hubs and Wi-Fi routers, helps consumers identify products with better cybersecurity provisions. For more information on this scheme, visit: 

Cybersecurity Labelling Scheme (CLS)

More information is available here:

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10180

Back to top