A password disclosure vulnerability in the D-Link DCS-9xx series IP cameras allows attackers to gain administrator level access to the camera when on the same broadcast domain.
CVE-2012-4046
Details:
http://www.fishnetsecurity.com/6labs/blog/password-disclosure-d-link-surveillance-cameras-cve-2012-4046