PT-2020-9162 · Geutebruck · Geutebruck Ip Cameras G-Cam+1

Published

2020-01-17

Updated

2020-01-24

CVE-2019-10958

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx) versions 1.12.0.25 and prior

Description The issue allows a remote authenticated attacker with access to network configuration to supply system commands to the server, leading to remote code execution as root.

Recommendations For versions 1.12.0.25 and prior, consider restricting access to network configuration to minimize the risk of exploitation. As a temporary workaround, limit the ability to supply system commands to the server until a fix is available.

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2019-10958

Affected Products

Geutebruck Ip Cameras G-Cam

Geutebruck Ip Cameras G-Code

PT-2020-9162 · Geutebruck · Geutebruck Ip Cameras G-Cam+1

CVE-2019-10958

Weakness Enumeration

Related Identifiers

Affected Products

References · 3