ID CVE-2017-5173
Summary An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call multiple parameters that can allow access to the root level operating system which could allow remote code execution.
References
Vulnerable Configurations
  • cpe:2.3:o:geutebruck:ip_camera_g-cam_efd-2250_firmware:1.11.0.12
    cpe:2.3:o:geutebruck:ip_camera_g-cam_efd-2250_firmware:1.11.0.12
  • cpe:2.3:h:geutebruck:ip_camera_g-cam_efd-2250
    cpe:2.3:h:geutebruck:ip_camera_g-cam_efd-2250
CVSS
Base: 10.0
Impact:
Exploitability:
CWE CWE-943
CAPEC
exploit-db via4
author RandoriSec
date 2017-02-15
description Geutebruck 5.02024 G-Cam/EFD-2250 - Remote Command Execution (Metasploit)
file platforms/hardware/webapps/41360.rb
id 41360
platform hardware
port 0
type webapps
refmap via4
bid 96209
misc https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02
Last major update 18-05-2017 - 23:29
Published 18-05-2017 - 23:29
Last modified 31-08-2017 - 21:29
Back to Top