CVE-2013-1598

Sažetak

A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code.

Reference

http://www.securityfocus.com/bid/59575
https://exchange.xforce.ibmcloud.com/vulnerabilities/83946
https://github.com/offensive-security/exploitdb/blob/master/exploits/hardware/webapps/25139.txt
https://packetstormsecurity.com/files/cve/CVE-2013-1598
https://www.coresecurity.com/advisories/vivotek-ip-cameras-multiple-vulnerabilities

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

31-01-2020 - 18:57

Objavljeno

24-01-2020 - 19:15