PT-2017-2911 · Geutebruck · G-Cam/Efd-2250

Davy Douhine

Publicado

2017-02-14

Atualizado

2023-02-15

CVE-2017-5173

CVSS v3.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Geutebruck IP Camera G-Cam/EFD-2250 version 1.11.0.12

Description The issue is related to the improper neutralization of special elements in the logic of data requests, which can allow a remote attacker to gain access to the operating system with root privileges and execute arbitrary code. This can potentially lead to remote code execution.

Recommendations For version 1.11.0.12, consider restricting access to the operating system to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78CWE-943

Identificadores relacionados

BDU:2017-02236

CVE-2017-5173

Produtos afetados

G-Cam/Efd-2250

PT-2017-2911 · Geutebruck · G-Cam/Efd-2250

CVE-2017-5173

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7