5 matches found
Geutebruck instantrec Remote Command Execution Exploit
This Metasploit module exploits a buffer overflow within the 'action' parameter of the /uapi-cgi/instantrec.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions equal to 1.12.0.27 as well as firmware versions 1.12.13.2 and...
Geutebruck Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Geutebruck Multiple Remote Command Execution', 'Description' = %q This module bypasses the HTTP basic authentication used to access the /uapi-cgi...
Geutebruck testaction.cgi Remote Command Execution Exploit
This Metasploit module exploits an authenticated arbitrary command execution vulnerability within the 'server' GET parameter of the /uapi-cgi/testaction.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions 'Geutebruck...
CVE-2019-10958
Geutebruck IP Cameras G-Code (EEC-2xxx) and G-Cam (EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx) are affected by CVE-2019-10958. All versions up to 1.12.0.25 may allow a remote authenticated attacker with network configuration access to supply system commands to the server, leading to remote code execut...
CVE-2019-10957
CVE-2019-10957 affects Geutebrück G-Code (EEC-2xxx) and G-Cam (EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx) where all versions up to 1.12.0.25 are vulnerable. The issue is an improper neutralization of input during web page generation (cross-site scripting) that allows a remote authenticated attacker w...