CVE-2017-5174 — CRITICAL (9.8)

Vulnerability Description

An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Geutebruck	Ip Camera G-Cam Efd-2250 Firmware	1.11.0.12
Geutebruck	Ip Camera G-Cam Efd-2250	-

Related Weaknesses (CWE)

CWE-288

References

http://www.securityfocus.com/bid/96209Third Party AdvisoryVDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02Third Party AdvisoryUS Government Resource
https://www.exploit-db.com/exploits/41360/
http://www.securityfocus.com/bid/96209Third Party AdvisoryVDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02Third Party AdvisoryUS Government Resource
https://www.exploit-db.com/exploits/41360/

FAQ

What is CVE-2017-5174?

CVE-2017-5174 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architectur...

How severe is CVE-2017-5174?

CVE-2017-5174 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2017-5174?

Check the references section above for vendor advisories and patch information. Affected products include: Geutebruck Ip Camera G-Cam Efd-2250 Firmware, Geutebruck Ip Camera G-Cam Efd-2250.