1080*80 ad
Home » Blog » CISA Adds D-Link Camera and NVR Flaws to Known Exploited Vulnerabilities List

CISA Adds D-Link Camera and NVR Flaws to Known Exploited Vulnerabilities List

Benhcmark Administrator Benhcmark Administrator
06/08/2025
0 Views 0
CISA Adds D-Link Camera and NVR Flaws to Known Exploited Vulnerabilities List

Urgent Security Alert: Popular D-Link Cameras and Recorders Actively Exploited

If you use D-Link security cameras or network video recorders (NVRs), it’s time for an immediate security check. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a significant warning, adding two vulnerabilities affecting popular D-Link products to its catalog of known exploited threats.

This isn’t a theoretical risk. When a flaw is added to the Known Exploited Vulnerabilities (KEV) catalog, it means there is credible evidence that attackers are actively using it in the wild to compromise systems. Federal agencies are now mandated to patch these devices, and this directive serves as a critical warning for all businesses and home users.

Let’s break down the specific threats and what you need to do to protect yourself.

The Vulnerabilities Explained

The two flaws target different devices but use a similar attack method known as command injection. This allows a remote attacker to execute their own malicious code on your device, effectively giving them control.

1. D-Link DCS-2103 Cloud Camera Flaw (CVE-2015-2051)

This vulnerability affects the D-Link DCS-2103 Cloud Camera. Despite being an older flaw, its inclusion in the KEV catalog indicates that threat actors are newly targeting or have renewed their focus on these devices.

  • The Threat: Attackers can send a specially crafted HTTP request to the camera, tricking it into running unauthorized commands.
  • The Impact: A successful exploit could allow an attacker to view your camera feed, disable it, or use it as a foothold to attack other devices on your network.

2. D-Link DNR-322L NVR Flaw (CVE-2020-25078)

This vulnerability impacts the D-Link DNR-322L Network Video Recorder, a central hub used to manage and store footage from multiple security cameras.

  • The Threat: This is another critical command injection flaw. An unauthenticated attacker can send a malicious message to a specific system script on the device, granting them the ability to execute system-level commands.
  • The Impact: Compromising the NVR is especially dangerous. Attackers could potentially access, alter, or delete all of your stored security footage, cover their tracks, or pivot to attack the connected cameras and your broader network.

Why This Is a Critical Warning for Everyone

While CISA’s directive specifically targets federal agencies, it’s a clear signal for anyone using these products. IoT devices like security cameras and NVRs are often installed and then forgotten, rarely receiving firmware updates. This makes them a prime target for attackers looking for an easy way into a network.

A compromised security device is more than just a privacy risk. It can be used to spy on your property, steal data from other devices on your network, or serve as a gateway for larger attacks, such as distributed denial-of-service (DDoS) campaigns.

How to Protect Your Network: A Step-by-Step Guide

You must take immediate action to determine if you are at risk and secure your devices. Follow these essential steps:

  1. Identify Your Hardware: Check the model numbers on all of your D-Link cameras and network recorders. If you own a DCS-2103 camera or a DNR-322L NVR, you are directly affected.

  2. Update Your Firmware Immediately: The most important step is to apply the latest security patches. Visit the official D-Link support website, find the support page for your specific model, and download and install the latest firmware update. This is designed to fix the vulnerability.

  3. Disconnect and Replace Unpatchable Devices: Many older IoT devices eventually reach their “end-of-life” and no longer receive security updates. If a patch is not available for your device model, the only secure option is to disconnect it from your network and the internet immediately. Continuing to use an unpatched, vulnerable device connected to the internet is an unacceptable risk. Replace it with a modern, supported model.

  4. Strengthen Your Security Posture: Beyond this specific threat, practice good network hygiene to protect all your connected devices:

    • Change Default Passwords: Never use the default administrator username and password that came with your device. Change it to a strong, unique password.
    • Enable Network Segmentation: If possible, place your IoT devices on a separate guest network. This isolates them from your primary computers and sensitive data, limiting the damage an attacker can do if one is compromised.
    • Use a Firewall: Ensure your router’s firewall is enabled to block unsolicited incoming connection attempts.

Staying vigilant about the security of all internet-connected devices is no longer optional. This CISA alert is a potent reminder that even older hardware can become a present-day threat. Take a few minutes today to check your equipment—it could save you from a major security breach tomorrow.

Source: https://securityaffairs.com/180833/security/u-s-cisa-adds-d-link-cameras-and-network-video-recorder-flaws-to-its-known-exploited-vulnerabilities-catalog.html

900*80 ad

Related Articles
      1080*80 ad
      About Hosterdojo

      Hosterdojo reviews server performance, network capabilities, and other related benchmarks. If you are a provider interested in submitting your VPS products, feel free to reach out to me.

      Email: [email protected]
      Telegram Channel: https://t.me/hosterdojo

      Follow

      Useful Link

      Girl in a jacket