CVE-2020-27540

Name of the Vulnerable Software and Affected Versions: Rostelecom CS-C2SHW version 5.0.082.1

Description: A Bash injection vulnerability and bypass of signature verification exist in the firmware update process. The camera reads firmware update configuration from an SD card file named 'version.json'. The 'fw-sign' parameter from this configuration is directly inserted into a bash command, allowing for potential injection. Firmware updates are run automatically if a special file is present on the inserted SD card.

Recommendations: For version 5.0.082.1, as a temporary workaround, consider restricting access to the SD card or avoiding the use of the automatic firmware update feature until a patch is available. Additionally, restrict the execution of bash commands with external input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.