ASSA ABLOY Yale WIPC-303W Operating System OS Command Injection Vulnerability

ASSA ABLOY Yale WIPC-303W is a home smart camera from ASSA ABLOY, Sweden. The ASSA ABLOY Yale WIPC-303W 2.21 through 2.31 camera suffers from an operating system command injection vulnerability that stems from command injection in the HTTP API and is susceptible to Remote Command Execution RCE...

PT-2021-10950 · Yale · Yale Wipc-303W

Name of the Vulnerable Software and Affected Versions: Yale WIPC-303W versions 2.21 through 2.31 Description: The issue allows for remote command execution through command injection via the HTTP API. Recommendations: For versions 2.21 through 2.31, update to a version that is not affected by this...