26 matches found
CVE-2026-7833
A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub408F90 of the file /cgi/iuxset.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The...
EUVD-2026-27319
A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub408F90 of the file /cgi/iuxset.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The...
CVE-2026-7833
A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub408F90 of the file /cgi/iuxset.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The...
CVE-2026-7833
CVE-2026-7833 affects EFM ipTIME C200 firmware up to 1.092. The vulnerability lies in the function sub_408F90 of /cgi/iux_set.cgi (ApplyRestore Endpoint), where improper handling of the RestoreFile argument enables remote command injection. Impact includes high risk to confidentiality, integrity,...
CVE-2026-7833 EFM ipTIME C200 ApplyRestore Endpoint iux_set.cgi sub_408F90 command injection
A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub408F90 of the file /cgi/iuxset.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The...
CVE-2026-7833
A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub408F90 of the file /cgi/iuxset.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The...
EFM ipTIME C200 注入漏洞
EFM ipTIME C200 is a network camera device produced by the South Korean company EFM. The EFM ipTIME C200 models starting from version 1.092 and earlier have a vulnerability that stems from the sub408F90 function’s ApplyRestore endpoint, which processes the RestoreFile parameter. This vulnerabilit...
CVE-2020-7879
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie'COOKIE' . The value is transferred to the --header option in wget binary, and there is no validation check...
EUVD-2021-13408
Malware in sbrugna...
EUVD-2020-28780
Malware in sbrugna...
EUVD-2020-28811
Malware in sbrugna...
CVE-2021-26614
iusget.cgi in IpTime C200 camera allows remote code execution. A remote attacker may send a crafted parameters to the exposed vulnerable web service interface which invokes the arbitrary shell command...
CVE-2020-7848
The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary OS commands via cookie value...
CVE-2020-7879
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie'COOKIE' . The value is transferred to the --header option in wget binary, and there is no validation check...
Design/Logic Flaw
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie'COOKIE' . The value is transferred to the --header option in wget binary, and there is no validation check...
CVE-2020-7879 ipTIME C200 IP Camera command injection vulnerability
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie'COOKIE' . The value is transferred to the --header option in wget binary, and there is no validation check...
EFM ipTIME C200 IP Camera 操作系统命令注入漏洞
EFM ipTIME C200 IP Camera is a hardware device from EFM Korea. It provides a camera device for surveillance. The EFM ipTIME C200 IP Camera suffers from an operating system command injection vulnerability that stems from the fact that when the ipTIME C200 IP Camera is synchronized with the ipTIME...
CVE-2021-26614
iusget.cgi in IpTime C200 camera allows remote code execution. A remote attacker may send a crafted parameters to the exposed vulnerable web service interface which invokes the arbitrary shell command...
CVE-2021-26614
iusget.cgi in IpTime C200 camera allows remote code execution. A remote attacker may send a crafted parameters to the exposed vulnerable web service interface which invokes the arbitrary shell command...
Remote code execution
iusget.cgi in IpTime C200 camera allows remote code execution. A remote attacker may send a crafted parameters to the exposed vulnerable web service interface which invokes the arbitrary shell command...