30 matches found
Rostelecom CS-C2SHW Data Forgery Issue Vulnerability
Rostelecom CS-C2SHW 5.0.082.1 A data forgery issue vulnerability exists, which stems from a firmware update that will automatically run if a special file is inserted on the SD card...
Rostelecom CS-C2SHW Buffer Error Vulnerability
The Rostelecom CS-C2SHW is a camera device. A buffer error vulnerability exists in Rostelecom CS-C2SHW 5.0.082.1. The vulnerability stems from an error in the AgentGreen service parsing broadcast discovery UDP messages. Sending a packet that is too small will result in an attempt to allocate a...
CVE-2020-27542
Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. The camera reads configuration from QR code including network settings. The static IP configuration from QR code is copied to the file /config/ip-static and after reboot data from this file is inserted into bash command without...
CVE-2020-27542
CVE-2020-27542 affects Rostelecom CS-C2SHW 5.0.082.1. The camera reads configuration from a QR code (including network settings). The static IP config is written to /config/ip-static and, after reboot, its contents are inserted into a bash command without escaping, enabling a Bash command injecti...
CVE-2020-27541
Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. AgentGreen service has a bug in parsing broadcast discovery UDP packet. Sending a packet of too small size will lead to an attempt of allocating buffer of negative size. As the result service AgentGreen will be terminated and start...
CVE-2020-27541
CVE-2020-27541 affects Rostelecom CS-C2SHW 5.0.082.1, specifically the AgentGreen service. The root cause is a bug in parsing broadcast discovery UDP packets; sending a packet smaller than expected can cause an allocation of a negative buffer size, leading to the AgentGreen service terminating an...
CVE-2020-27539
Heap overflow with full parsing of HTTP respose in Rostelecom CS-C2SHW 5.0.082.1. AgentUpdater service has a self-written HTTP parser and builder. HTTP parser has a heap buffer overflow OOB write. In default configuration camera parses responses only from HTTPS URLs from config file, so vulnerabl...
CVE-2020-27539
CVE-2020-27539 corresponds to a heap-based overflow in Rostelecom CS-C2SHW 5.0.082.1 where the AgentUpdater component uses a self-written HTTP parser/builder. The HTTP parser may perform an out-of-bounds write on a heap buffer. However, the default configuration restricts the camera to parsing re...
CVE-2020-27540
CVE-2020-27540 – Rostelecom CS-C2SHW 5.0.082.1 is a Bash injection and signature verification bypass vulnerability. The camera reads firmware update configuration from SDCard vc\version.json and directly inserts the fw-sign parameter into a Bash command, enabling potentially arbitrary command exe...
rostelecom.ru Open Redirect vulnerability
Vulnerable URL: http://www.rostelecom.ru/bitrix/rk.php?goto=https://www.xssposed.org Details: Description| Value ---|--- Patched:| Yes, at 29.11.2017 Latest check for patch:| 29.11.2017 15:57 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 78597 Google...