PT-2018-18894 · Axis · Axis M1033-W

Published: 2018-04-01 · Updated: 2024-08-05 · CVE-2018-9157

CVSS v2.0: 7.6 (High)
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: AXIS M1033-W (IP camera), firmware version 5.40.5.1

Description: An issue was discovered where the upload web page does not verify the file type, allowing an attacker to upload a webshell by making a fileUpload.shtml request for a custom .shtml file. This file is interpreted by the Apache HTTP Server mod_include module, which supports the execution of system commands using the "<!--#exec cmd=" syntax. The uploaded file must include a specific string to align with the internal system architecture. After uploading the webshell, an attacker can use it to perform remote code execution, such as running system commands.

Recommendations: For AXIS M1033-W (IP camera) firmware version 5.40.5.1, consider restricting access to the file upload feature until further guidance is provided by the vendor, as the vendor reportedly indicates that this is an intended feature or functionality. At the moment, there is no information about a newer version that contains a fix for this issue.
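Added example, not part of the advisory and not vendor code: a Python check of the kind the camera's upload page lacks, which rejects files outside an extension allowlist and also inspects the body for SSI directives (so a renamed .shtml is still caught). The allowlist, the SSI extension set and the sample files are constructed for this example; nothing here is taken from the Axis firmware.

```python
import re
from pathlib import PurePosixPath

# Extensions Apache mod_include parses when the usual
# "AddOutputFilter INCLUDES .shtml" mapping is configured (constructed list).
SSI_EXTENSIONS = {".shtml", ".shtm", ".stm"}

# What an image-upload feature should accept (constructed allowlist).
ALLOWED_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif"}

# Any SSI directive, and the "exec" form the advisory describes ("<!--#exec cmd=").
SSI_ANY = re.compile(rb"<!--\s*#\s*([a-z]+)", re.IGNORECASE)
SSI_EXEC = re.compile(rb"<!--\s*#\s*exec\s+(cmd|cgi)\s*=", re.IGNORECASE)


def inspect_upload(filename: str, data: bytes) -> dict:
    """Return a verdict for one uploaded file: allowed flag plus the reasons for rejection."""
    suffix = PurePosixPath(filename).suffix.lower()
    reasons = []
    if suffix not in ALLOWED_EXTENSIONS:
        reasons.append(f"extension {suffix or '(none)'} not in allowlist")
    if suffix in SSI_EXTENSIONS:
        reasons.append("server-parsed extension (mod_include would interpret it)")
    directives = sorted({m.group(1).lower().decode() for m in SSI_ANY.finditer(data)})
    if directives:
        reasons.append("SSI directives in body: " + ", ".join(directives))
    if SSI_EXEC.search(data):
        reasons.append("SSI exec directive present (command execution)")
    return {"filename": filename, "allowed": not reasons, "reasons": reasons}


# Constructed samples: a JPEG header, a server-parsed file with an exec directive,
# the same body renamed to an allowed extension, and a harmless SSI echo.
SAMPLES = {
    "photo.jpg": b"\xff\xd8\xff\xe0JFIF",
    "note.shtml": b'<html><!--#exec cmd="example" --></html>',
    "renamed.jpg": b'<!--#exec cmd="example" -->',
    "page.shtml": b'<!--#echo var="DATE_LOCAL" -->',
}


def scan_samples() -> dict:
    """Map each sample filename to its verdict."""
    return {name: inspect_upload(name, body) for name, body in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in scan_samples().items():
        print(name, "ALLOWED" if verdict["allowed"] else "REJECTED", verdict["reasons"])
```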

Weakness Enumeration

Unrestricted File Upload

Related Identifiers

CVE-2018-9157

Affected Products

Axis M1033-W
Apache HTTP Server