H3110W0R1D

**Name of the Vulnerable Software and Affected Versions** Uniview ISC 2500-S versions up to 20210930 **Description** A critical vulnerability has been found in the Uniview ISC 2500-S, affecting the function `setNatConfig` of the file `/Interface/DevManage/VM.php`. The manipulation of the arguments `natAddress`, `natPort`, and `natServerPort` leads to OS command injection. This issue may be exploited by attackers to inject malicious code and potentially take control of vulnerable cameras. The exploit has been disclosed to the public and may be used. The vulnerability is linked to the notorious Mirai botnet. **Recommendations** For Uniview ISC 2500-S versions up to 20210930, the vendor has confirmed that the product is end-of-life and should be retired and replaced. As a temporary workaround, consider disabling the `setNatConfig` function until a replacement is available. Restrict access to the `/Interface/DevManage/VM.php` file to minimize the risk of exploitation. Avoid using the arguments `natAddress`, `natPort`, and `natServerPort` in the affected function until the issue is resolved.