An issue exists on certain ABUS TVIP cameras. The CGI scripts allow remote malicious users to execute code via system() as root. There are several injection points in various scripts.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
abus tvip_10000_firmware - |
||
abus tvip_10001_firmware - |
||
abus tvip_10005_firmware - |
||
abus tvip_10005a_firmware - |
||
abus tvip_10005b_firmware - |
||
abus tvip_10050_firmware - |
||
abus tvip_10051_firmware - |
||
abus tvip_10055a_firmware - |
||
abus tvip_10055b_firmware - |
||
abus tvip_10500_firmware - |
||
abus tvip_10550_firmware - |
||
abus tvip_11000_firmware - |
||
abus tvip_11050_firmware - |
||
abus tvip_11500_firmware - |
||
abus tvip_11501_firmware - |
||
abus tvip_11502_firmware - |
||
abus tvip_11550_firmware - |
||
abus tvip_11551_firmware - |
||
abus tvip_11552_firmware - |
||
abus tvip_20000_firmware - |
||
abus tvip_20050_firmware - |
||
abus tvip_20500_firmware - |
||
abus tvip_20550_firmware - |
||
abus tvip_21000_firmware - |
||
abus tvip_21050_firmware - |
||
abus tvip_21500_firmware - |
||
abus tvip_21501_firmware - |
||
abus tvip_21502_firmware - |
||
abus tvip_21550_firmware - |
||
abus tvip_21551_firmware - |
||
abus tvip_21552_firmware - |
||
abus tvip_22500_firmware - |
||
abus tvip_31000_firmware - |
||
abus tvip_31001_firmware - |
||
abus tvip_31050_firmware - |
||
abus tvip_31500_firmware - |
||
abus tvip_31501_firmware - |
||
abus tvip_31550_firmware - |
||
abus tvip_31551_firmware - |
||
abus tvip_32500_firmware - |
||
abus tvip_51500_firmware - |
||
abus tvip_51550_firmware - |
||
abus tvip_71500_firmware - |
||
abus tvip_71501_firmware - |
||
abus tvip_71550_firmware - |
||
abus tvip_71551_firmware - |
||
abus tvip_72500_firmware - |
Vulmon