8 matches found
Zivif Camera 2.3.4.2103 iptest.cgi Blind Remote Command Execution
This Metasploit module exploits a remote command execution vulnerability in Zivif webcams. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zivif Camera iptest.cgi Blind Remote Command Execution...
CVE-2017-17105
creationtimestamp| type| source ---|---|--- 2020-06-16 12:15:32+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/zivifipcheckexec.rb 2022-12-26 15:30:06+00:00| seen| https://t.me/truesecator/3877 2025-02-06 03:13:43+00:00| seen|...
Zivif Camera 2.3.4.2103 iptest.cgi Blind Remote Command Execution Exploit
This Metasploit module exploits a remote command execution vulnerability in Zivif webcams. This is known to impact versions prior to and including 2.3.4.2103. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
Zivif Camera 2.3.4.2103 iptest.cgi Blind Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zivif Camera iptest.cgi Blind Remote Command Execution', 'Description' = %q This module exploits a remote command execution vulnerability in Zivi...
Zivif Camera iptest.cgi Blind Remote Command Execution
This module exploits a remote command execution vulnerability in Zivif webcams. This is known to impact versions prior to and including v2.3.4.2103. Exploit was reported in CVE-2017-17105. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2017-17105
CVE-2017-17105 affects Zivif PR115-204-P-RS webcams (notably V2.3.4.2103 and V4.7.4.2121 and potentially intermediate builds). The vulnerability is an unauthenticated, blind remote command injection via CGI scripts used in the web interface, demonstrated by a request such as cgi-bin/iptest.cgi?cm...
Zivif Web Cameras Multiple Vulnerabilities
Implementation of access controls is Zivif cameras is severely lacking.As a result, CGI functions can be called directly, bypassing authentication checks. This was first identified with the following request CVE-2017-17106 http:///web/cgi-bin/hi3510/param.cgi?cmd=getuser Cameras respond to this...
Zivif PR115-204-P-RS 2.3.4.2103 Bypass / Command Injection / Hardcoded Password
Attack vector: Remote Authentication: None Researcher: Silas Cutler p1nk Release date: December 10, 2017 Full Disclosure: 90 days CVEs: CVE-2017-17105, CVE-2017-17106, and CVE-2017-17107 Vulnerable Device: Zivif PR115-204-P-RS Version: V2.3.4.2103 Timeline: 1 September 2017: Initial alerting to...