Vulnerability Description
In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Geutebrueck | G-Cam\/Efd-2251 Firmware | < 1.12.0.25 |
| Geutebrueck | G-Cam\/Efd-2251 | - |
| Geutebrueck | G-Cam\/Ewpc-2275 Firmware | < 1.12.0.25 |
| Geutebrueck | G-Cam\/Ewpc-2275 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106208Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03MitigationThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/106208Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03MitigationThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-19007?
CVE-2018-19007 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.
How severe is CVE-2018-19007?
CVE-2018-19007 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-19007?
Check the references section above for vendor advisories and patch information. Affected products include: Geutebrueck G-Cam\/Efd-2251 Firmware, Geutebrueck G-Cam\/Efd-2251, Geutebrueck G-Cam\/Ewpc-2275 Firmware, Geutebrueck G-Cam\/Ewpc-2275.