CVE-2013-1598

Опубликовано: 24 янв. 2020

Источник: nvd

CVSS3: 8.8

CVSS2: 9

EPSS Средний

Описание

A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code.

Ссылки

http://www.securityfocus.com/bid/59575
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/83946
Third Party Advisory
VDB Entry
https://github.com/offensive-security/exploitdb/blob/master/exploits/hardware/webapps/25139.txt
Exploit
Third Party Advisory
https://packetstormsecurity.com/files/cve/CVE-2013-1598
Third Party Advisory
VDB Entry
https://www.coresecurity.com/advisories/vivotek-ip-cameras-multiple-vulnerabilities
Exploit
Third Party Advisory
http://www.securityfocus.com/bid/59575
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/83946
Third Party Advisory
VDB Entry
https://github.com/offensive-security/exploitdb/blob/master/exploits/hardware/webapps/25139.txt
Exploit
Third Party Advisory
https://packetstormsecurity.com/files/cve/CVE-2013-1598
Third Party Advisory
VDB Entry
https://www.coresecurity.com/advisories/vivotek-ip-cameras-multiple-vulnerabilities
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:vivotek:pt7135_firmware:0300a:*:*:*:*:*:*:*

cpe:2.3:o:vivotek:pt7135_firmware:0400a:*:*:*:*:*:*:*

cpe:2.3:h:vivotek:pt7135:-:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.32164

Средний

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-jwv5-cmqr-fc8p

github

почти 4 года назад