7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5).
Recent assessments:
gwillcox-r7 at November 25, 2020 5:11pm UTC reported:
The server
GET parameter of the /uapi-cgi/testaction.cgi
page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.25 as well as firmware versions 1.12.13.2 and 1.12.14.5 is vulnerable to command injection when the type
GET parameter is set to ntp
. Attackers who successfully exploit this vulnerability can gain remote code execution as the root
user, meaning that this a perfect vulnerability for attackers looking to gain an initial foothold into a network.
Additionally as these are security cameras, I imagine there are a lot of nasty things one could potentially do with these devices related to spying on companies and operations that could pave the way to more crimes down the line. So the effects of this attack on an enterprise could potentially go beyond just a network breach.
Fortunately this is an authenticated attack and it requires valid login credentials to exploit. Unfortunately though, these are the types of devices that people tend to set up and then forget about until its needed, so I wouldn’t be surprised if people were still running these cameras with the default credentials of root
and admin
.
Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 5
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C