Published: 22/03/2018 Updated: 02/10/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

An improper access control vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could allow a full configuration download, including passwords.

Vulnerable Product	Search on Vulmon	Subscribe to Product
geutebrueck g-cam\\/efd-2250_firmware 1.12.0.4
geutebrueck topfd-2125_firmware 3.15.1

This Metasploit module exploits a an arbitrary command execution vulnerability The vulnerability exists in the /uapi-cgi/viewer/simple_loglistjscgi page and allows an anonymous user to execute arbitrary commands with root privileges Firmware <= 112019 are concerned Tested on 502024 G-Cam/EFD-2250 running 11204 firmware ...

NVD-CWE-Other https://ics-cert.us-cert.gov/advisories/ICSA-18-079-01 http://www.securityfocus.com/bid/103474 https://nvd.nist.gov https://packetstormsecurity.com/files/148380/Geutebruck-simple_loglistjs.cgi-Remote-Command-Execution.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-7520

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect