7 matches found
CVE-2023-26609
ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wirelessmft ap field...
Code injection
ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wirelessmft ap field...
PT-2023-20761 · Abus · Abus Tvip 20000-21150
Name of the Vulnerable Software and Affected Versions: ABUS TVIP 20000-21150 devices Description: The issue allows remote attackers to execute arbitrary code via shell metacharacters in the "/cgi-bin/mft/wireless mft" ap field. This enables attackers to potentially gain control over the device...
ABUS TVIP 安全漏洞
ABUS TVIP is a series of video surveillance cameras from ABUS Germany. A security vulnerability exists in ABUS TVIP version 20000-21150 that originates from allowing remote attackers to execute arbitrary code...
ABUS Security Camera TVIP 20000-21150 LFI / Remote Code Execution Vulnerability
ABUS Security Camera version TVIP 20000-21150 suffers from local file inclusion, hardcoded credential, and command injection vulnerabilities. When coupled together, they can be leveraged to achieve remote access as root via ssh...
CVE-2023-26609
The CVE-2023-26609 vulnerability affects ABUS TVIP 20000-21150 devices, where shell metacharacters in the /cgi-bin/mft/wireless_mft ap field allow remote code execution. Public exploit discussions exist (PacketStorm/Wiki entries) and ICS CVE notes confirm remote exploitation with a CVSS v3.1 base...
CVE-2023-26609
ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wirelessmft ap field...