CVE-2013-1600

high-risk
Published 2020-01-28

An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. 1.06, and 1.05_RU, which could let a malicious user obtain sensitive information.

Do I need to act?

!
72.9% chance of exploitation in next 30 days
EPSS score — higher than 27% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
25138
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.3/10 Medium
NETWORK / LOW complexity

Affected Products (4)

Affected Vendors

Dlink

References (10)

Third Party Advisory http://www.securityfocus.com/bid/59566
Third Party Advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/83916
Third Party Advisory https://packetstormsecurity.com/files/cve/CVE-2013-1600
Permissions Required https://vuldb.com/?id.8572
Exploit https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabiliti...
Third Party Advisory http://www.securityfocus.com/bid/59566
Third Party Advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/83916
Third Party Advisory https://packetstormsecurity.com/files/cve/CVE-2013-1600
Permissions Required https://vuldb.com/?id.8572
Exploit https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabiliti...
57
/ 100
high-risk
Severity 21/34 · High
Exploitability 26/34 · High
Exposure 10/34 · Low