1. Home
  2. CVE Database
  3. CVE-2018-17879
CRITICAL · 9.8

CVE-2018-17879

An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts.

Vulnerability Description

An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
AbusTvip 10000 Firmware-
AbusTvip 10000-
AbusTvip 10001 Firmware-
AbusTvip 10001-
AbusTvip 10005 Firmware-
AbusTvip 10005-
AbusTvip 10005A Firmware-
AbusTvip 10005A-
AbusTvip 10005B Firmware-
AbusTvip 10005B-
AbusTvip 10050 Firmware-
AbusTvip 10050-
AbusTvip 10051 Firmware-
AbusTvip 10051-
AbusTvip 10055A Firmware-
AbusTvip 10055A-
AbusTvip 10055B Firmware-
AbusTvip 10055B-
AbusTvip 10500 Firmware-
AbusTvip 10500-

Related Weaknesses (CWE)

CWE-78

References

FAQ

What is CVE-2018-17879?

CVE-2018-17879 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts.

How severe is CVE-2018-17879?

CVE-2018-17879 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2018-17879?

Check the references section above for vendor advisories and patch information. Affected products include: Abus Tvip 10000 Firmware, Abus Tvip 10000, Abus Tvip 10001 Firmware, Abus Tvip 10001, Abus Tvip 10005 Firmware.