CNNVD-202601-4418 Information

Jan 26, 2026 cve

CNNVD ID

CNNVD-202601-4418

CVE-2026-1419

CNNVD Published: 2026-01-26

Description (Chinese)

D-Link DCS700l是中国友讯（D-Link）公司的一款无线云网络摄像机。 D-Link DCS700l 1.03.09版本存在命令注入漏洞，该漏洞源于对文件/setDayNightMode中参数LightSensorControl的错误操作，可能导致命令注入。

Description (English)

D-Link DCS7000l is a wireless cloud web camera of the Chinese company D-Link. Version D-Link DCS 700l 1.03.09 contains a command-injecting loophole, which results from an error in the parameter LightSensorControl in file/setDayNightMode, which may lead to the command-injection.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

友讯

Published

2026-01-26

Last Modified

2026-02-24

References

https://vuldb.com/?id.342815 https://www.dlink.com/ https://vuldb.com/?ctiid.342815 https://tzh00203.notion.site/D-Link-DCS700l-v1-03-09-Command-Injection-Vulnerability-in-LightSensorControl-Parameter-2e6b5c52018a80ada0f6d7e72efd7a45?source=copy_link https://vuldb.com/?submit.736554 https://access.redhat.com/security/cve/cve-2026-1419

Share on: