2 matches found
Sony Network Cameras OS Command Injection (CVE-2018-3937)
An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this...
CVE-2018-3937
Sony IPELA E Series Camera (G5) firmware 1.87.00 contains an OS command injection in the measurementBitrateExec function. A crafted GET request to main.cgi can cause arbitrary commands to run, with impact including high-severity outcomes (based on TALOS: CVSSv3.0 score 9.1, attacker network-visib...