This host has D-link IP Camera and is prone to cross-site scripting vulnerability.

Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Impact Level: Application

No solution or patch is available as of 9th February, 2015. Information regarding this issue will updated once the solution details are available. For updates refer to http://www.dlink.com

The flaw is due to an input passed via the vb.htm script to the 'QUERY_STRING ' parameter is not properly sanitized.

D-link IP camera DCS-2103 with firmware before 1.20

Send a crafted HTTP GET request and check whether it is able read the cookie

• http://packetstormsecurity.com/files/129609
• http://www.osvdb.org/116214

---

Updated on 2015-03-25