A severe vulnerability disclosed last month in D-Link's DCS-930L Network Cloud Camera has been found to affect over 120 other D-Link products because the company's engineers reemployed the same vulnerable component across the different firmware versions used with their devices.
Last month, security researchers from
Senrio discovered that D-Link DCS-930L cameras contained an RCE (remote code execution) vulnerability that allowed crooks to execute arbitrary code on the device.
The company created a proof-of-concept exploit that reset the webcam's password to highlight the issue. Stephen Ridley, the security researcher who discovered the issue, says that he found the same vulnerable component used in over 120 other D-Link products that range from access points to routers, and from data storage systems to modems.
Over 400,000 D-Link devices currently available online
Since the RCE vulnerability can be exploited via a network connection, any vulnerable D-Link device that is reachable via a ping is potentially in danger.
