Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for g-cam\/ewpc-2275_firmware by geutebrueck

    CVE-2018-19007 (GCVE-0-2018-19007)

    Vulnerability from nvd – Published: 2018-12-14 20:00 – Updated: 2024-08-05 11:23
    VLAI
    Summary
    In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.
    Severity
    No CVSS data available.
    CWE
    • CWE-78 - IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Geutebrück GmbH E2 Camera Series versions prior to 1.12.0.25 Affected: Geutebr&#195
    Affected: &#188
    Affected: ck GmbH E2 Camera Series versions prior to 1.12.0.25
    Date Public
    2018-12-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:23:09.034Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106208",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106208"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Geutebr\u0026#195;\u0026#188;ck GmbH E2 Camera Series versions prior to 1.12.0.25",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Geutebr\u0026#195"
                },
                {
                  "status": "affected",
                  "version": "\u0026#188"
                },
                {
                  "status": "affected",
                  "version": "ck GmbH E2 Camera Series versions prior to 1.12.0.25"
                }
              ]
            }
          ],
          "datePublic": "2018-12-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (\u0027OS COMMAND INJECTION\u0027) CWE-78",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-15T10:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "name": "106208",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106208"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2018-19007",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Geutebr\u0026#195;\u0026#188;ck GmbH E2 Camera Series versions prior to 1.12.0.25",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Geutebr\u0026#195"
                              },
                              {
                                "version_value": "\u0026#188"
                              },
                              {
                                "version_value": "ck GmbH E2 Camera Series versions prior to 1.12.0.25"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (\u0027OS COMMAND INJECTION\u0027) CWE-78"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106208",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106208"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2018-19007",
        "datePublished": "2018-12-14T20:00:00.000Z",
        "dateReserved": "2018-11-06T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:23:09.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19007 (GCVE-0-2018-19007)

    Vulnerability from cvelistv5 – Published: 2018-12-14 20:00 – Updated: 2024-08-05 11:23
    VLAI
    Summary
    In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.
    Severity
    No CVSS data available.
    CWE
    • CWE-78 - IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Geutebrück GmbH E2 Camera Series versions prior to 1.12.0.25 Affected: Geutebr&#195
    Affected: &#188
    Affected: ck GmbH E2 Camera Series versions prior to 1.12.0.25
    Date Public
    2018-12-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:23:09.034Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106208",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106208"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Geutebr\u0026#195;\u0026#188;ck GmbH E2 Camera Series versions prior to 1.12.0.25",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Geutebr\u0026#195"
                },
                {
                  "status": "affected",
                  "version": "\u0026#188"
                },
                {
                  "status": "affected",
                  "version": "ck GmbH E2 Camera Series versions prior to 1.12.0.25"
                }
              ]
            }
          ],
          "datePublic": "2018-12-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (\u0027OS COMMAND INJECTION\u0027) CWE-78",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-15T10:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "name": "106208",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106208"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2018-19007",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Geutebr\u0026#195;\u0026#188;ck GmbH E2 Camera Series versions prior to 1.12.0.25",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Geutebr\u0026#195"
                              },
                              {
                                "version_value": "\u0026#188"
                              },
                              {
                                "version_value": "ck GmbH E2 Camera Series versions prior to 1.12.0.25"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (\u0027OS COMMAND INJECTION\u0027) CWE-78"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106208",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106208"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2018-19007",
        "datePublished": "2018-12-14T20:00:00.000Z",
        "dateReserved": "2018-11-06T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:23:09.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }