ABUS TVIP 20000-21150 devices allows remote malicious users to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field.
ABUS Security Camera version TVIP 20000-21150 suffers from local file inclusion, hardcoded credential, and command injection vulnerabilities When coupled together, they can be leveraged to achieve remote access as root via ssh ...