Description
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
Related CPE's
o
geutebrueck
g-cam_ebc-2110_firmware
o
geutebrueck
g-cam_ebc-2111_firmware
o
geutebrueck
g-cam_efd-2241_firmware
o
geutebrueck
g-cam_efd-2250_firmware
o
geutebrueck
g-cam_ethc-2230_firmware
o
geutebrueck
g-cam_ethc-2239_firmware
o
geutebrueck
g-cam_ethc-2240_firmware
o
geutebrueck
g-cam_ethc-2249_firmware
o
geutebrueck
g-cam_ewpc-2270_firmware
o
geutebrueck
g-code_eec-2400_firmware
o
geutebrueck
g-code_een-2010_firmware
o
geutebrueck
g-code_een-2040_firmware
o
geutebrueck
g-cam_ebc-2112_firmware
o
geutebrueck
g-cam_efd-2251_firmware
o
geutebrueck
g-cam_ewpc-2275_firmware
o
geutebrueck
g-cam_ewpc-2271_firmware
References
https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03
https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2021-09-13T18:15:23.597
3 years agoLast modified
2023-11-07T03:35:52.310
1 year ago