2 matches found
CVE-2020-7879
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie'COOKIE' . The value is transferred to the --header option in wget binary, and there is no validation check...
CVE-2020-7879
The CVE-2020-7879 entry describes an OS command injection in ipTIME C200 IP Camera when synchronized with ipTIME NAS. The NAS sends a cookie value via setCookie('[COOKIE]') which is inserted into a wget --header argument without validation, enabling remote command execution. Related Red Hat, CVE ...