top of page
perceptive_background_267k.jpg

Multiple India-based CCTV Cameras

Published:

9 december 2025 om 12:00:00

Alert date:

9 december 2025 om 18:02:56

Source:

cisa.gov

Click to open the original link from this advisory

Multiple India-based CCTV cameras from D-Link, Sparsh Securitech, and Securus CCTV are affected by a critical authentication bypass vulnerability (CVE-2025-13607) with CVSS v4 score of 9.3. The vulnerability allows remote attackers to access camera configuration information and account credentials without authentication through a vulnerable URL. Affected products include D-Link DCS-F5614-L1 versions v1.03.038 and prior. D-Link has released security updates, while other vendors have not responded to CISA coordination efforts. The vulnerability is exploitable remotely with low attack complexity and could result in information disclosure including credential capture.

Technical details

Mitigation steps:

Affected products:

DCS-F5614-L1
D-Link CCTV
Sparsh Securitech CCTV
Securus CCTV

Related links:

https://www.cisa.gov/news-events/ics-advisories/icsa-25-343-03
https://github.com/cisagov/CSAF
https://cwe.mitre.org/data/definitions/306.html
https://www.cve.org/CVERecord?id=CVE-2025-13607
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
https://www.securuscctv.com/contactus
https://www.sparshsecuritech.com/contact-us
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10462
https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
https://www.cisa.gov/topics/industrial-control-systems
https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf
https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page