A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface.
Conclusion & alert: CVE-2013-1599 is rated High Exploit Risk (83.7/100): CVSS Critical severity, with high exploitation likelihood (EPSS 40.35%, 98th percentile). Core evidence: 4 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| 25138 | exploit_db | edb | 2013-05-01 | Exploit-DB ↗ |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 91.90% | 40.35% | -51.54% |
| 2 | 2026-05-02 | 92.33% | 91.90% | -0.43% |
| 3 | 2026-02-12 | — | 92.33% | — |
Full EPSS history (27 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 9.8 | 3.1 | CRITICAL |
|
3.9 | 5.9 | [email protected] |
| 10.0 | 2.0 | HIGH |
|
10.0 | 10.0 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| dlink | dcs-3411_firmware | 1.02 | cpe:2.3:o:dlink:dcs-3411_firmware:1.02:*:*:*:*:*:*:* |
| dlink | dcs-3430_firmware | 1.02 | cpe:2.3:o:dlink:dcs-3430_firmware:1.02:*:*:*:*:*:*:* |
| dlink | dcs-5605_firmware | 1.01 | cpe:2.3:o:dlink:dcs-5605_firmware:1.01:*:*:*:*:*:*:* |
| dlink | dcs-5635_firmware | 1.01 | cpe:2.3:o:dlink:dcs-5635_firmware:1.01:*:*:*:*:*:*:* |
| dlink | dcs-1100l_firmware | 1.04 | cpe:2.3:o:dlink:dcs-1100l_firmware:1.04:*:*:*:*:*:*:* |
| dlink | dcs-1130l_firmware | 1.04 | cpe:2.3:o:dlink:dcs-1130l_firmware:1.04:*:*:*:*:*:*:* |
| dlink | dcs-1100_firmware | 1.03 | cpe:2.3:o:dlink:dcs-1100_firmware:1.03:*:*:*:*:*:*:* |
| dlink | dcs-1100_firmware | 1.04 | cpe:2.3:o:dlink:dcs-1100_firmware:1.04:*:*:*:*:*:*:* |
| dlink | dcs-1130_firmware | 1.03 | cpe:2.3:o:dlink:dcs-1130_firmware:1.03:*:*:*:*:*:*:* |
| dlink | dcs-1130_firmware | 1.04 | cpe:2.3:o:dlink:dcs-1130_firmware:1.04:*:*:*:*:*:*:* |
| dlink | dcs-2102_firmware | 1.05 | cpe:2.3:o:dlink:dcs-2102_firmware:1.05:*:*:*:*:*:*:* |
| dlink | dcs-2121_firmware | 1.05 | cpe:2.3:o:dlink:dcs-2121_firmware:1.05:*:*:*:*:*:*:* |
| dlink | dcs-3410_firmware | 1.02 | cpe:2.3:o:dlink:dcs-3410_firmware:1.02:*:*:*:*:*:*:* |
| dlink | dcs-5230_firmware | 1.02 | cpe:2.3:o:dlink:dcs-5230_firmware:1.02:*:*:*:*:*:*:* |
| dlink | dcs-5230l_firmware | 1.02 | cpe:2.3:o:dlink:dcs-5230l_firmware:1.02:*:*:*:*:*:*:* |
| dlink | dcs-6410_firmware | 1.00 | cpe:2.3:o:dlink:dcs-6410_firmware:1.00:*:*:*:*:*:*:* |
| dlink | dcs-7410_firmware | 1.00 | cpe:2.3:o:dlink:dcs-7410_firmware:1.00:*:*:*:*:*:*:* |
| dlink | dcs-7510_firmware | 1.00 | cpe:2.3:o:dlink:dcs-7510_firmware:1.00:*:*:*:*:*:*:* |
| dlink | wcs-1100_firmware | 1.00 | cpe:2.3:o:dlink:wcs-1100_firmware:1.00:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://www.exploit-db.com/exploits/25138 | Exploit Third Party Advisory VDB Entry |
| http://www.securityfocus.com/bid/59564 | Third Party Advisory VDB Entry |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/83941 | Third Party Advisory VDB Entry |
| https://packetstormsecurity.com/files/cve/CVE-2013-1599 | Third Party Advisory VDB Entry |
| https://seclists.org/fulldisclosure/2013/Apr/253 | Exploit Mailing List Third Party Advisory |
| https://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities | Exploit Third Party Advisory |