PT-2013-4566 · Tp Link · Tp-Link Ip Cameras

Publicado

2013-10-01

Atualizado

2013-10-04

CVE-2013-3688

CVSS v2.0

7.1

Alta

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions TP-Link IP Cameras versions prior to beta firmware LM.1.6.18P12 sign6

Description The issue allows remote attackers to cause a denial of service. This can be achieved in two ways: by sending a request to "cgi-bin/reboot" which causes the device to reboot, or by sending a request to "cgi-bin/hardfactorydefault" which causes the device to reboot and reset to factory defaults.

Recommendations For versions prior to beta firmware LM.1.6.18P12 sign6, update to beta firmware LM.1.6.18P12 sign6 or later to resolve the issue. As a temporary workaround, consider restricting access to the "cgi-bin/reboot" and "cgi-bin/hardfactorydefault" endpoints to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2013-3688

Produtos afetados

Tp-Link Ip Cameras

PT-2013-4566 · Tp Link · Tp-Link Ip Cameras

CVE-2013-3688

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3