Lucene search
CERTVDECVELIST:CVE-2021-33544HistorySep 13, 2021 - 5:55 p.m.
CVE-2021-33544 UDP Technology/Geutebrück camera devices: command injection leading to RCE
2021-09-1317:55:33
CWE-78
CERTVDE
www.cve.org
11
udp technology
geutebrück
camera devices
command injection
vulnerability
remote code execution
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0.975
Percentile
100.0%
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
CNA Affected
[
{
"vendor": "Geutebrück",
"product": "E2 Series",
"versions": [
{
"version": "EBC-21xx 1.12.13.2",
"status": "affected"
},
{
"version": "EBC-21xx 1.12.14.5",
"status": "affected"
},
{
"version": "EFD-22xx 1.12.13.2",
"status": "affected"
},
{
"version": "EFD-22xx 1.12.14.5",
"status": "affected"
},
{
"version": "ETHC-22xx 1.12.13.2",
"status": "affected"
},
{
"version": "ETHC-22xx 1.12.14.5",
"status": "affected"
},
{
"version": "EWPC-22xx 1.12.13.2",
"status": "affected"
},
{
"version": "EWPC-22xx 1.12.14.5",
"status": "affected"
},
{
"version": "EBC-21xx",
"status": "affected",
"lessThanOrEqual": "1.12.0.27",
"versionType": "custom"
},
{
"version": "EFD-22xx",
"status": "affected",
"lessThanOrEqual": "1.12.0.27",
"versionType": "custom"
},
{
"version": "ETHC-22xx",
"status": "affected",
"lessThanOrEqual": "1.12.0.27",
"versionType": "custom"
},
{
"version": "EWPC-22xx",
"status": "affected",
"lessThanOrEqual": "1.12.0.27",
"versionType": "custom"
}
]
},
{
"vendor": "Geutebrück",
"product": "Encoder G-Code",
"versions": [
{
"version": "EEC-2xx 1.12.13.2",
"status": "affected"
},
{
"version": "EEC-2xx 1.12.14.5",
"status": "affected"
},
{
"version": "EEN-20xx 1.12.13.2",
"status": "affected"
},
{
"version": "EEN-20xx 1.12.14.5",
"status": "affected"
},
{
"version": "EEC-2xx",
"status": "affected",
"lessThanOrEqual": "1.12.0.27",
"versionType": "custom"
},
{
"version": "EEN-20xx",
"status": "affected",
"lessThanOrEqual": "1.12.0.27",
"versionType": "custom"
}
]
}
]Related
prion
prion
Command injection
2021-09-13 18:15:00
nvd
nvd
CVE-2021-33544
2021-09-13 18:15:21
cve
cve
CVE-2021-33544
2021-09-13 18:15:21
checkpoint_advisories
checkpoint_advisories
UDP Technology IP Camera Command Injection (CVE-2021-33544)
2021-09-24 00:00:00
nuclei
nuclei
Geutebruck - Remote Command Injection
2021-07-12 04:10:31
seebug
seebug
UDP Technology IP 摄像头认证绕过 RCE 漏洞(CVE-2021-33543、CVE-2021-33544)
2021-08-10 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-09-03 16:30:26
metasploit
metasploit
Geutebruck Multiple Remote Command Execution
2021-08-31 23:24:14
zdt
zdt
Geutebruck Remote Command Execution Exploit
2021-09-02 00:00:00
packetstorm
packetstorm
Geutebruck Remote Command Execution
2021-09-02 00:00:00
malwarebytes
malwarebytes
ics
ics
Geutebrück G-Cam E2 and G-Code
2021-07-27 12:00:00
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0.975
Percentile
100.0%
Related for CVELIST:CVE-2021-33544