Published: 29/01/2020 Updated: 01/02/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

A Command Injection vulnerability exists in Zavio IP Cameras up to and including 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zavio f3105_firmware
zavio f312a_firmware

Core Security - Corelabs Advisory corelabscoresecuritycom Zavio IP Cameras multiple vulnerabilities 1 *Advisory Information* Title: Zavio IP Cameras multiple vulnerabilities Advisory ID: CORE-2013-0302 Advisory URL: wwwcoresecuritycom/advisories/zavio-IP-cameras-multiple-vulnerabilities Date published: 2013-05-28 Date of last ...

Core Security Technologies Advisory - Zavio IP cameras based on firmware versions 1603 and below suffer from bypass, hard-coded credential, and arbitrary command execution vulnerabilities ...

CWE-78 https://exchange.xforce.ibmcloud.com/vulnerabilities/84567 http://www.securityfocus.com/bid/60188 https://packetstormsecurity.com/files/cve/CVE-2013-2570 https://www.coresecurity.com/advisories/zavio-ip-cameras-multiple-vulnerabilities https://nvd.nist.gov https://www.exploit-db.com/exploits/25815/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-2570

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect