Описание
The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary OS commands via cookie value.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:iptime:c200_firmware:1.0.12:*:*:*:*:*:*:*
cpe:2.3:h:iptime:c200:-:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02892
Низкий
8 High
CVSS3
7.7 High
CVSS2
Дефекты
CWE-20
CWE-77
Связанные уязвимости
github
больше 3 лет назад
The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary OS commands via cookie value.
EPSS
Процентиль: 86%
0.02892
Низкий
8 High
CVSS3
7.7 High
CVSS2
Дефекты
CWE-20
CWE-77