Serious Vulnerability Affects Over 120 D-Link Products - more than 400.000 IoT devices
A stack overflow in D-Link’s popular DCS-930L Wi-Fi cameras can be exploited by a remote attacker for arbitrary code execution, including to overwrite the administrator password of the affected devices, or create a new user account.
The stack overflow bug exists in a service responsible for processing remote commands and it can be exploited “with a single command which contains custom assembly code and a string crafted to exercise the overflow,”
An attacker could do virtually anything with this flaw, including snoop on network traffic and install backdoors.
This info comes from the article:
▻http://www.securityweek.com/serious-vulnerability-affects-over-120-d-link-products
The company Senrio who discovered the bug: