CVE-2024-0778

Name of the Vulnerable Software and Affected Versions Uniview ISC 2500-S versions up to 20210930

Description A critical vulnerability has been found in the Uniview ISC 2500-S, affecting the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the arguments natAddress, natPort, and natServerPort leads to OS command injection. This issue may be exploited by attackers to inject malicious code and potentially take control of vulnerable cameras. The exploit has been disclosed to the public and may be used. The vulnerability is linked to the notorious Mirai botnet.

Recommendations For Uniview ISC 2500-S versions up to 20210930, the vendor has confirmed that the product is end-of-life and should be retired and replaced. As a temporary workaround, consider disabling the setNatConfig function until a replacement is available. Restrict access to the /Interface/DevManage/VM.php file to minimize the risk of exploitation. Avoid using the arguments natAddress, natPort, and natServerPort in the affected function until the issue is resolved.