Lucene search

PRIOn knowledge basePRION:CVE-2013-2578

HistoryOct 11, 2013 - 9:55 p.m.

Code injection

2013-10-1121:55:00

PRIOn knowledge base

www.prio-n.com

8.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.015 Low

EPSS

Percentile

86.8%

JSON

cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the ServerName parameter and (2) other unspecified parameters.

CPENameOperatorVersion
lm_firmwareeq<= 1.6.18p12-sign5

CPE	Name	Operator	Version
	lm_firmware	eq	<= 1.6.18p12-sign5

References

www.coresecurity.com/advisories/multiple-vulnerabilities-tp-link-tl-sc3171-ip-cameras

8.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.015 Low

EPSS

Percentile

86.8%

JSON

Related for PRION:CVE-2013-2578