In our last post we talked about a vulnerability discovered in the D-Link DCS-930L Cloud Camera. Since then the Senrio Research Team has been working closely with the D-Link Security Incident Report Team. Below we disclose technical details of our efforts.
Entire Product Categories at Risk
According to D-Link 39 models across Connected Home Products, including wifi cameras, camera recorders and storage, are affected by this single vulnerability. What does that mean in terms of exposure to consumers? In a collaboration with Shodan we discovered 400,000 devices publicly accessible that could be affected by this 0day. The DCS-930L camera alone made up 55,000 of the search results. Consumers are encouraged to update their devices with the latest firmware.
39 models across several D-Link Connected Home Product families are affected by this flaw, including WiFi Cameras, Camera Recorders, and Cloud Storage devices