Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. Whenever actions are performed from the app (e.g., change camera settings or play lullabies), it communicates directly with the Wi-Fi camera (D-Link 825L firmware 1.08) with the credentials (username and password) in base64 cleartext. An attacker could conduct an MitM attack on the local network and very easily obtain these credentials.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
D-Link myDlink Baby App 加密问题漏洞
Vulnerability Description
D-Link myDlink Baby App是友讯(D-Link)公司的一款用于管理控制D-Link婴儿监视器的应用程序。 D-Link myDlink Baby App 2.04.06版本中存在安全漏洞,该漏洞源于当使用该应用程序执行操作时(例如,修改摄像头设置或播放摇篮曲),程序用base64编码的明文凭证(用户名和密码)直接与Wi-Fi摄像头(采用1.08版本固件的D-Link 825L)通信。本地攻击者可通过实施中间人攻击利用该漏洞获取凭证。
CVSS Information
N/A
Vulnerability Type
N/A