D-Link.DCS5605.PTZ.ActiveX.SelectDirectory.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a Buffer Overflow vulnerability in D-Link DCS-5605.
The vulnerability, which is located in the PTZ ActiveX control, can be exploited through misuse of a vulnerable method "SelectDirectory". It allows a remote attacker to execute arbitrary code via sending a crafted web page.

affected-products-logoAffected Products

D-Link DCS-5605 PTZ 0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Disable this ActiveX Control by setting its kill bit {721700FE-7F0E-49C5-BDED-CA92B7CB1245}, by the method shown on the website: http://support.microsoft.com/kb/240797

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-02-01 14.540 Name:DLink.
DCS5605.
PTZ.
ActiveX.
SelectDirectory.
Buffer.
Overflow:D-Link.
DCS5605.
PTZ.
ActiveX.
SelectDirectory.
Buffer.
Overflow