SB2018032102 - Multiple vulnerabilities in Geutebruck IP Cameras

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018032102

SB2018032102 - Multiple vulnerabilities in Geutebruck IP Cameras

Published: March 21, 2018

Security Bulletin ID SB2018032102
Severity
High
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 14% Medium 14% Low 71%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Improper authentication (CVE-ID: CVE-2018-7532)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to improper authentication. A remote attacker can bypass authentication and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

2) Cross-site request forgery (CVE-ID: CVE-2018-7524)

The vulnerability allows a remote unauthenticated attacker to perform CSRF attack.

The weakness exists due to insufficient CSRF protections. A remote attacker can create a specially crafted HTML page or URL, trick the victim into visiting it, gain access to the system and perform arbitrary actions.

3) Improper access control (CVE-ID: CVE-2018-7520)

The vulnerability allows a remote attacker to download full configuration on the system.

The weakness exists due to improper access control. A remote attacker can download full configuration including passwords.

4) Server-side request forgery (CVE-ID: CVE-2018-7516)

The vulnerability allows a remote attacker to perform SSRF-attack on the target system.

The weakness exists due to insufficient validation of user-supplied input. A remote attacker can perform server-side request forgery attack.

5) Cross-site scripting (CVE-ID: CVE-2018-7512)

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The weakness exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


6) CVE-2018-7528 (CVE-ID: CVE-2018-7528)


7) SQL injection (CVE-ID: CVE-2018-7528)

The vulnerability allows a remote attacker to execute arbitrary SQL commands in web application database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted HTTP request to vulnerable script and execute arbitrary SQL commands in web application database.

Successful exploitation of the vulnerability may allow an attacker to gain administrative access to vulnerable web application.


Remediation

Install update from vendor's website.

References