Search
Find a vulnerability
Search criteria
2 vulnerabilities found for g-cam\/ewpc-2275_firmware by geutebrueck
CVE-2018-19007 (GCVE-0-2018-19007)
Vulnerability from nvd – Published: 2018-12-14 20:00 – Updated: 2024-08-05 11:23
VLAI
Summary
In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.
Severity
No CVSS data available.
CWE
- CWE-78 - IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/106208 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Geutebrück GmbH E2 Camera Series versions prior to 1.12.0.25 |
Affected:
GeutebrÃ
Affected: ¼ Affected: ck GmbH E2 Camera Series versions prior to 1.12.0.25 |
Date Public
2018-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:09.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106208"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Geutebr\u0026#195;\u0026#188;ck GmbH E2 Camera Series versions prior to 1.12.0.25",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Geutebr\u0026#195"
},
{
"status": "affected",
"version": "\u0026#188"
},
{
"status": "affected",
"version": "ck GmbH E2 Camera Series versions prior to 1.12.0.25"
}
]
}
],
"datePublic": "2018-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (\u0027OS COMMAND INJECTION\u0027) CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-15T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "106208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106208"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2018-19007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Geutebr\u0026#195;\u0026#188;ck GmbH E2 Camera Series versions prior to 1.12.0.25",
"version": {
"version_data": [
{
"version_value": "Geutebr\u0026#195"
},
{
"version_value": "\u0026#188"
},
{
"version_value": "ck GmbH E2 Camera Series versions prior to 1.12.0.25"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (\u0027OS COMMAND INJECTION\u0027) CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106208"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-19007",
"datePublished": "2018-12-14T20:00:00.000Z",
"dateReserved": "2018-11-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:23:09.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19007 (GCVE-0-2018-19007)
Vulnerability from cvelistv5 – Published: 2018-12-14 20:00 – Updated: 2024-08-05 11:23
VLAI
Summary
In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.
Severity
No CVSS data available.
CWE
- CWE-78 - IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/106208 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Geutebrück GmbH E2 Camera Series versions prior to 1.12.0.25 |
Affected:
GeutebrÃ
Affected: ¼ Affected: ck GmbH E2 Camera Series versions prior to 1.12.0.25 |
Date Public
2018-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:09.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106208"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Geutebr\u0026#195;\u0026#188;ck GmbH E2 Camera Series versions prior to 1.12.0.25",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Geutebr\u0026#195"
},
{
"status": "affected",
"version": "\u0026#188"
},
{
"status": "affected",
"version": "ck GmbH E2 Camera Series versions prior to 1.12.0.25"
}
]
}
],
"datePublic": "2018-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (\u0027OS COMMAND INJECTION\u0027) CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-15T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "106208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106208"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2018-19007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Geutebr\u0026#195;\u0026#188;ck GmbH E2 Camera Series versions prior to 1.12.0.25",
"version": {
"version_data": [
{
"version_value": "Geutebr\u0026#195"
},
{
"version_value": "\u0026#188"
},
{
"version_value": "ck GmbH E2 Camera Series versions prior to 1.12.0.25"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (\u0027OS COMMAND INJECTION\u0027) CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106208"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-19007",
"datePublished": "2018-12-14T20:00:00.000Z",
"dateReserved": "2018-11-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:23:09.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}