#VU5826 Authentication bypass in Geutebrück G-Cam - CVE-2017-5174

Cybersecurity Help s.r.o.

Published: 2017-02-14 | Updated: 2018-09-14

Vulnerability identifier: #VU5826

Vulnerability risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2017-5174

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Geutebrück G-Cam
Hardware solutions / Firmware

Vendor: GEUTEBRÜCK GmbH

Description

The vulnerability allows a remote attacker to bypass authentication.

The vulnerability exists due to incorrectly imposed access controls in IP camera web interface. A remote unauthenticated attacker can request certain URLs directly, bypass authentication process and gain unauthorized access to IP camera functionality.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Geutebrück G-Cam: 1.11.0.12

External links
https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Two vulnerabilities in Geutebrück G-Cam/EFD-2250 IP camera