Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    13 vulnerabilities by geutebruck

    VAR-201812-0470

    Vulnerability from variot - Updated: 2023-12-18 14:05

    In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root. The Geutebr\303\274ck E2CameraSeries is an E2 series webcam from Geutebr\303\274ck, Germany. A remote attacker can exploit this vulnerability to inject operating system commands with root privileges. Geutebrück GmbH E2 Series IP Cameras are prone to an OS command-injection vulnerability

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0470",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam\\/efd-2251",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam\\/ewpc-2275",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-2251",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ewpc-2275",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "e2 camera series",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "e2 series camera",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebr\u00fcck",
            "version": "1.12"
          },
          {
            "model": "e2 series camera",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebr\u00fcck",
            "version": "1.12.0.25"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          },
          {
            "db": "BID",
            "id": "106208"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-19007"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam\\/efd-2251_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam\\/efd-2251:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam\\/ewpc-2275_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam\\/ewpc-2275:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-19007"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported this issue.",
        "sources": [
          {
            "db": "BID",
            "id": "106208"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-19007",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2018-19007",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "MULTIPLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.4,
                "id": "CNVD-2019-04134",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-19007",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-19007",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-04134",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201812-657",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-19007",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-19007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-19007"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-657"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root. The Geutebr\\303\\274ck E2CameraSeries is an E2 series webcam from Geutebr\\303\\274ck, Germany. A remote attacker can exploit this vulnerability to inject operating system commands with root privileges. Geutebr\u00c3\u00bcck GmbH E2 Series IP Cameras are prone to an OS command-injection vulnerability",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-19007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          },
          {
            "db": "BID",
            "id": "106208"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-19007"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-19007",
            "trust": 3.4
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-347-03",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "106208",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014624",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04134",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-657",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-19007",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-19007"
          },
          {
            "db": "BID",
            "id": "106208"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-19007"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-657"
          }
        ]
      },
      "id": "VAR-201812-0470",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          }
        ]
      },
      "last_update_date": "2023-12-18T14:05:17.281000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.guardzilla.com/"
          },
          {
            "title": "Geutebr\\303\\274ckE2CameraSeries operating system command injection vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/153491"
          },
          {
            "title": "Geutebr\u00fcck E2 Camera Series Fixes for operating system command injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87899"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-657"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-19007"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.9,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-347-03"
          },
          {
            "trust": 2.4,
            "url": "http://www.securityfocus.com/bid/106208"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-19007"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19007"
          },
          {
            "trust": 0.3,
            "url": "https://www.geutebrueck.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/78.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-19007"
          },
          {
            "db": "BID",
            "id": "106208"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-19007"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-657"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-19007"
          },
          {
            "db": "BID",
            "id": "106208"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-19007"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-657"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-02-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          },
          {
            "date": "2018-12-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-19007"
          },
          {
            "date": "2018-12-14T00:00:00",
            "db": "BID",
            "id": "106208"
          },
          {
            "date": "2019-03-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          },
          {
            "date": "2018-12-14T20:29:00.297000",
            "db": "NVD",
            "id": "CVE-2018-19007"
          },
          {
            "date": "2018-12-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201812-657"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-02-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-04134"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-19007"
          },
          {
            "date": "2018-12-14T00:00:00",
            "db": "BID",
            "id": "106208"
          },
          {
            "date": "2019-03-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          },
          {
            "date": "2019-10-09T23:37:35.553000",
            "db": "NVD",
            "id": "CVE-2018-19007"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201812-657"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-657"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebrueck GmbH E2 Camera In the series  OS Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014624"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-657"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201705-3255

    Vulnerability from variot - Updated: 2023-12-18 12:44

    An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call multiple parameters that can allow access to the root level operating system which could allow remote code execution. The Geutebruck G-Cam/EFD-2250 provides a faster and safer solution for remote monitoring applications. A remote code execution vulnerability exists in Geutebruck G-Cam/EFD-2250. An attacker exploited the vulnerability to execute arbitrary code. A failed attack can result in a denial of service. Attackers may exploit these issues to gain unauthorized access to the affected device and to execute arbitrary code within the context of the affected device. G-Cam/EFD-2250 1.11.0.12 is vulnerable; other versions may also be affected. Geutebruck IP Camera G-Cam/EFD-2250 is a network camera produced by German Geutebruck company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3255",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam/efd-2250",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "geutebruck",
            "version": "1.11.0.12"
          },
          {
            "model": "ip camera g-cam efd-2250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.11.0.12"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "geutebrueck",
            "version": "1.11.0.12"
          },
          {
            "model": "ip camera g-cam efd-2250",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "1.11.0.12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ip camera g cam efd 2250",
            "version": "1.11.0.12"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          },
          {
            "db": "BID",
            "id": "96209"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004263"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-611"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:ip_camera_g-cam_efd-2250_firmware:1.11.0.12:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:ip_camera_g-cam_efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5173"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Florent Montel, Frederic Cikala, and Davy Douhine of RandoriSec",
        "sources": [
          {
            "db": "BID",
            "id": "96209"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-5173",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2017-5173",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-01889",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-113376",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-5173",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-5173",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-01889",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201702-611",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-113376",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-5173",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113376"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5173"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004263"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-611"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call multiple parameters that can allow access to the root level operating system which could allow remote code execution. The Geutebruck G-Cam/EFD-2250 provides a faster and safer solution for remote monitoring applications. A remote code execution vulnerability exists in Geutebruck G-Cam/EFD-2250. An attacker exploited the vulnerability to execute arbitrary code. A failed attack can result in a denial of service. \nAttackers may exploit these issues to gain unauthorized access to the affected device and to  execute arbitrary code within the context of the affected device. \nG-Cam/EFD-2250 1.11.0.12 is vulnerable; other versions may also be affected. Geutebruck IP Camera G-Cam/EFD-2250 is a network camera produced by German Geutebruck company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5173"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004263"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          },
          {
            "db": "BID",
            "id": "96209"
          },
          {
            "db": "IVD",
            "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113376"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5173"
          }
        ],
        "trust": 2.79
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-113376",
            "trust": 0.1,
            "type": "unknown"
          },
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41360",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113376"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5173"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-5173",
            "trust": 3.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-045-02",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "96209",
            "trust": 2.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "41360",
            "trust": 1.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-611",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004263",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "05EBD79B-F06D-41C7-986C-D7D4284611B4",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "141142",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-113376",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5173",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113376"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5173"
          },
          {
            "db": "BID",
            "id": "96209"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004263"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-611"
          }
        ]
      },
      "id": "VAR-201705-3255",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113376"
          }
        ],
        "trust": 1.725
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT",
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:44:37.070000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "title": "Patch for Geutebruck G-Cam/EFD-2250 Remote Code Execution Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/89709"
          },
          {
            "title": "Geutebr\u00fcck G-Cam/EFD-2250 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68204"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004263"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-611"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-943",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004263"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5173"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-045-02"
          },
          {
            "trust": 2.4,
            "url": "http://www.securityfocus.com/bid/96209"
          },
          {
            "trust": 1.9,
            "url": "https://www.exploit-db.com/exploits/41360/"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5173"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5173"
          },
          {
            "trust": 0.3,
            "url": "http://www.geutebrueck.com/en_en/product-overview-31934.html"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-045-02 "
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/943.html"
          },
          {
            "trust": 0.1,
            "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=52662"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113376"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5173"
          },
          {
            "db": "BID",
            "id": "96209"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004263"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-611"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113376"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5173"
          },
          {
            "db": "BID",
            "id": "96209"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004263"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-611"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-02-24T00:00:00",
            "db": "IVD",
            "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4"
          },
          {
            "date": "2017-02-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          },
          {
            "date": "2017-05-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113376"
          },
          {
            "date": "2017-05-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-5173"
          },
          {
            "date": "2017-02-14T00:00:00",
            "db": "BID",
            "id": "96209"
          },
          {
            "date": "2017-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-004263"
          },
          {
            "date": "2017-05-19T03:29:00.183000",
            "db": "NVD",
            "id": "CVE-2017-5173"
          },
          {
            "date": "2017-02-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-611"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-02-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          },
          {
            "date": "2017-09-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113376"
          },
          {
            "date": "2017-09-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-5173"
          },
          {
            "date": "2017-03-07T04:02:00",
            "db": "BID",
            "id": "96209"
          },
          {
            "date": "2017-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-004263"
          },
          {
            "date": "2022-02-10T17:58:18.437000",
            "db": "NVD",
            "id": "CVE-2017-5173"
          },
          {
            "date": "2022-02-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-611"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-611"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck G-Cam/EFD-2250 Remote code execution vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "05ebd79b-f06d-41c7-986c-d7d4284611b4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01889"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-611"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201705-3256

    Vulnerability from variot - Updated: 2023-12-18 12:44

    An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution. Geutebruck IP Camera G-Cam/EFD-2250 Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Geutebruck G-Cam/EFD-2250 provides a faster and safer solution for remote monitoring applications. An attacker exploited the vulnerability to gain unauthorized access to the affected device environment. Failed exploit attempts may result in a denial-of-service condition. G-Cam/EFD-2250 1.11.0.12 is vulnerable; other versions may also be affected. Geutebruck IP Camera G-Cam/EFD-2250 is germany Geutebruck A network camera of the company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3256",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ip camera g-cam efd-2250",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebruck",
            "version": "1.11.0.12"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "geutebruck",
            "version": "1.11.0.12"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "geutebrueck",
            "version": "1.11.0.12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ip camera g cam efd 2250",
            "version": "1.11.0.12"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "409c1fe8-a44c-4075-b30d-bc6e6046c75f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          },
          {
            "db": "BID",
            "id": "96209"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-610"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebruck:ip_camera_g-cam_efd-2250_firmware:1.11.0.12:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebruck:ip_camera_g-cam_efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5174"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Florent Montel, Frederic Cikala, and Davy Douhine of RandoriSec",
        "sources": [
          {
            "db": "BID",
            "id": "96209"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-5174",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": true,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-5174",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-01888",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "409c1fe8-a44c-4075-b30d-bc6e6046c75f",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-113377",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-5174",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-5174",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-01888",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201702-610",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "409c1fe8-a44c-4075-b30d-bc6e6046c75f",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-113377",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-5174",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "409c1fe8-a44c-4075-b30d-bc6e6046c75f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-610"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution. Geutebruck IP Camera G-Cam/EFD-2250 Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Geutebruck G-Cam/EFD-2250 provides a faster and safer solution for remote monitoring applications. An attacker exploited the vulnerability to gain unauthorized access to the affected device environment. Failed exploit attempts may result in a denial-of-service condition. \nG-Cam/EFD-2250 1.11.0.12 is vulnerable; other versions may also be affected. Geutebruck IP Camera G-Cam/EFD-2250 is germany Geutebruck A network camera of the company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          },
          {
            "db": "BID",
            "id": "96209"
          },
          {
            "db": "IVD",
            "id": "409c1fe8-a44c-4075-b30d-bc6e6046c75f"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5174"
          }
        ],
        "trust": 2.79
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-113377",
            "trust": 0.1,
            "type": "unknown"
          },
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41360",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5174"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-5174",
            "trust": 3.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-045-02",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "96209",
            "trust": 2.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "41360",
            "trust": 1.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-610",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01888",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004264",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "409C1FE8-A44C-4075-B30D-BC6E6046C75F",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-113377",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5174",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "409c1fe8-a44c-4075-b30d-bc6e6046c75f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5174"
          },
          {
            "db": "BID",
            "id": "96209"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-610"
          }
        ]
      },
      "id": "VAR-201705-3256",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "409c1fe8-a44c-4075-b30d-bc6e6046c75f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113377"
          }
        ],
        "trust": 1.725
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT",
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "409c1fe8-a44c-4075-b30d-bc6e6046c75f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:44:37.029000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "title": "Geutebruck G-Cam/EFD-2250 authentication bypass vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/89708"
          },
          {
            "title": "Geutebr\u00fcck G-Cam/EFD-2250 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68205"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-610"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113377"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5174"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-045-02"
          },
          {
            "trust": 2.4,
            "url": "http://www.securityfocus.com/bid/96209"
          },
          {
            "trust": 1.9,
            "url": "https://www.exploit-db.com/exploits/41360/"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5174"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5174"
          },
          {
            "trust": 0.3,
            "url": "http://www.geutebrueck.com/en_en/product-overview-31934.html"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-045-02 "
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=52663"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5174"
          },
          {
            "db": "BID",
            "id": "96209"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-610"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "409c1fe8-a44c-4075-b30d-bc6e6046c75f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5174"
          },
          {
            "db": "BID",
            "id": "96209"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-610"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-02-24T00:00:00",
            "db": "IVD",
            "id": "409c1fe8-a44c-4075-b30d-bc6e6046c75f"
          },
          {
            "date": "2017-02-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          },
          {
            "date": "2017-05-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113377"
          },
          {
            "date": "2017-05-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-5174"
          },
          {
            "date": "2017-02-14T00:00:00",
            "db": "BID",
            "id": "96209"
          },
          {
            "date": "2017-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          },
          {
            "date": "2017-05-19T03:29:00.230000",
            "db": "NVD",
            "id": "CVE-2017-5174"
          },
          {
            "date": "2017-02-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-610"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-02-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-01888"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113377"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-5174"
          },
          {
            "date": "2017-03-07T04:02:00",
            "db": "BID",
            "id": "96209"
          },
          {
            "date": "2017-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          },
          {
            "date": "2019-10-03T00:03:26.223000",
            "db": "NVD",
            "id": "CVE-2017-5174"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-610"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-610"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Camera G-Cam/EFD-2250 Access control vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-004264"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-610"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202008-0367

    Vulnerability from variot - Updated: 2023-12-18 12:35

    Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5). G-Cam and G-Code To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Geutebruck GmbH is a German high-tech private company that specializes in designing and producing high-quality, perfectly matched video security solutions.

    Geutebruck IP Cameras certification RCE vulnerability

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202008-0367",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam ethc-2239",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam ebc-2111",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2239",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-cam ethc-2230",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ewpc-2270",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2249",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-cam ebc-2111",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam ethc-2230",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-cam ebc-2111",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-cam ethc-2230",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam ewpc-2270",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam ewpc-2270",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-code eec-2400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2240",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ebc-2110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-cam ethc-2240",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam ethc-2249",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2240",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-code eec-2400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-code eec-2400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-cam efd-2241",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ebc-2110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-cam efd-2240",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-cam ebc-2110",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam ethc-2239",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2240",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam ethc-2240",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-cam ethc-2249",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam efd-2241",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.14.5"
          },
          {
            "model": "g-cam efd-2241",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/ebc-2110",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-cam/ebc-2111",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-cam/efd-2240",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-cam/efd-2241",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-cam/efd-2250",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-cam/ethc-2230",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-cam/ethc-2239",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-cam/ethc-2240",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-cam/ethc-2249",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-cam/ewpc-2270",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-code/eec-2400",
            "scope": null,
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": null
          },
          {
            "model": "g-code: eec-2xxx version",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "1.12.0.27"
          },
          {
            "model": "g-cam: ebc-21xx version",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "1.12.0.27"
          },
          {
            "model": "g-cam:efd-22xx version",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "1.12.0.27"
          },
          {
            "model": "g-cam:ethc-22xx version",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "1.12.0.27"
          },
          {
            "model": "g-cam:ewpc-22xx version",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "1.12.0.27"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14829"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16205"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.25:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ebc-2110:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ebc-2111:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2240:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2241:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2230:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2239:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2240:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2249:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2270:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-code_eec-2400:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-16205"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Davy Douhine of RandoriSec",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-267"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-16205",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-009458",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2021-14829",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-009458",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2020-16205",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-009458",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-14829",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202008-267",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14829"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16205"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-267"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5). G-Cam and G-Code To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Geutebruck GmbH is a German high-tech private company that specializes in designing and producing high-quality, perfectly matched video security solutions. \n\r\n\r\nGeutebruck IP Cameras certification RCE vulnerability",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-16205"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-14829"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-16205",
            "trust": 3.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-20-219-03",
            "trust": 2.4
          },
          {
            "db": "PACKETSTORM",
            "id": "158888",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009458",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-14829",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2719",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-267",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14829"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16205"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-267"
          }
        ]
      },
      "id": "VAR-202008-0367",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.9500000000000001
      },
      "last_update_date": "2023-12-18T12:35:26.895000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/index.html"
          },
          {
            "title": "Patch for Geutebruck IP Cameras certification RCE vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/251321"
          },
          {
            "title": "Geutebr\u00fcck G-Cam  and G-Code Fixes for operating system command injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=126603"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14829"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-267"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16205"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-219-03"
          },
          {
            "trust": 2.4,
            "url": "http://packetstormsecurity.com/files/158888/geutebruck-testaction.cgi-remote-command-execution.html"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-16205"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16205"
          },
          {
            "trust": 0.6,
            "url": "https://www.randorisec.fr/s05e01-rce-on-geutebruck-ip-cameras/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2719/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14829"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16205"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-267"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14829"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16205"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-267"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-14829"
          },
          {
            "date": "2020-11-06T05:06:27",
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          },
          {
            "date": "2020-08-14T14:15:12.487000",
            "db": "NVD",
            "id": "CVE-2020-16205"
          },
          {
            "date": "2020-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-267"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-03-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-14829"
          },
          {
            "date": "2020-11-06T05:06:27",
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          },
          {
            "date": "2020-08-19T21:32:29.860000",
            "db": "NVD",
            "id": "CVE-2020-16205"
          },
          {
            "date": "2020-08-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-267"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-267"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "G-Cam and  G-Code In  OS Command injection vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009458"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-267"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202001-1487

    Vulnerability from variot - Updated: 2023-12-18 12:27

    Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root. Geutebruck IP Camera G-Code and G-Cam In OS A command injection vulnerability exists.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. G-Cam is a web camera series launched by Geutebrück. G-Code is an analog video encoder launched by Geutebrück.

    Geutebrück G-Cam and G-Code have OS command injection vulnerabilities. The vulnerability stems from the fact that external input data constructs executable commands for the operating system, and the network system or product does not properly filter special characters and commands. Attackers can use this vulnerability to execute illegal operating system commands. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user and inject and execute arbitrary commands. Other attacks are also possible. The following products of Geutebruck are affected: G-Code EEC-2xxx version 1.12.0.25 and prior G-Cam EBC-21xx version 1.12.0.25 and prior G-Cam EFD-22xx version 1.12.0.25 and prior G-Cam ETHC-22xx version 1.12.0.25 and prior G-Cam EWPC-22xx version 1.12.0.25 and prior

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202001-1487",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam ebc-2111",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2241",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ebc-2110",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2250",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2240",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2249",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ewpc-2270",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2230",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2239",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-code eec-2400",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2240",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ebc-2110",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ebc-2111",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-2240",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-2241",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2230",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2239",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2240",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2249",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-code/eec-2400",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "\u003c=1.12.0.25"
          },
          {
            "model": "g-code",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "\u003c=1.12.0.25"
          },
          {
            "model": "g-code/eec-2xxx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ewpc-22xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-22xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-22xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ebc-21xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-code/eec-2xxx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/ewpc-22xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/ethc-22xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/efd-22xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/ebc-21xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10956"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-code_eec-2400:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ebc-2110:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ebc-2111:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2240:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2241:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2230:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2240:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2239:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2249:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2270:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10956"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Romain Luyer and Guillaume Gronnier from CEIS, and Davy Douhine from RandoriSec reported these vulnerabilities to NCCIC., and Davy Douhine from RandoriSec, and Davy Douhine from RandoriSec.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-088"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-10956",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2019-10956",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-22346",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10956",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2019-10956",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-22346",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201906-088",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-10956",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10956"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10956"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-088"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root. Geutebruck IP Camera G-Code and G-Cam In OS A command injection vulnerability exists.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. G-Cam is a web camera series launched by Geutebr\u00fcck. G-Code is an analog video encoder launched by Geutebr\u00fcck. \n\r\n\r\nGeutebr\u00fcck G-Cam and G-Code have OS command injection vulnerabilities. The vulnerability stems from the fact that external input data constructs executable commands for the operating system, and the network system or product does not properly filter special characters and commands. Attackers can use this vulnerability to execute illegal operating system commands. \nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user and inject and execute arbitrary commands. Other attacks are also possible. \nThe following products of Geutebruck are affected:\nG-Code EEC-2xxx version 1.12.0.25 and prior\nG-Cam EBC-21xx version 1.12.0.25 and prior\nG-Cam EFD-22xx version 1.12.0.25 and prior\nG-Cam ETHC-22xx version 1.12.0.25 and prior\nG-Cam EWPC-22xx version 1.12.0.25 and prior",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10956"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10956"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "ICS CERT",
            "id": "ICSA-19-155-03",
            "trust": 3.4
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10956",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "108579",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014194",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22346",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-088",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10956",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10956"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10956"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-088"
          }
        ]
      },
      "id": "VAR-202001-1487",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          }
        ],
        "trust": 1.5125
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:27:45.179000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/"
          },
          {
            "title": "Patch for Geutebr\u00fcck G-Cam and G-Code OS command injection vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/213553"
          },
          {
            "title": "Multiple Geutebr\u00fcck Product Command Injection Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=93177"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-088"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10956"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-155-03"
          },
          {
            "trust": 1.6,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-155-03"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10956"
          },
          {
            "trust": 0.9,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10956"
          },
          {
            "trust": 0.7,
            "url": "https://www.securityfocus.com/bid/108579"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/78.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10956"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10956"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-088"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10956"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10956"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-088"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          },
          {
            "date": "2020-01-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-10956"
          },
          {
            "date": "2019-06-05T00:00:00",
            "db": "BID",
            "id": "108579"
          },
          {
            "date": "2020-02-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          },
          {
            "date": "2020-01-17T18:15:12.040000",
            "db": "NVD",
            "id": "CVE-2019-10956"
          },
          {
            "date": "2019-06-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-088"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22346"
          },
          {
            "date": "2020-01-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-10956"
          },
          {
            "date": "2019-06-05T00:00:00",
            "db": "BID",
            "id": "108579"
          },
          {
            "date": "2020-02-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          },
          {
            "date": "2020-01-24T22:10:30.303000",
            "db": "NVD",
            "id": "CVE-2019-10956"
          },
          {
            "date": "2020-01-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-088"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-088"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Camera G-Code and  G-Cam In  OS Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014194"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-088"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202001-1489

    Vulnerability from variot - Updated: 2023-12-18 12:27

    Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to network configuration to supply system commands to the server, leading to remote code execution as root. Geutebruck IP Camera G-Code and G-Cam In OS A command injection vulnerability exists.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. G-Cam is a web camera series launched by Geutebrück. G-Code is an analog video encoder launched by Geutebrück.

    Geutebrück G-Cam and G-Code have OS command injection vulnerabilities. The vulnerability stems from the fact that external input data constructs executable commands for the operating system, and the network system or product does not properly filter special characters and commands. Attackers can use this vulnerability to execute illegal operating system commands. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user and inject and execute arbitrary commands. Other attacks are also possible. The following products of Geutebruck are affected: G-Code EEC-2xxx version 1.12.0.25 and prior G-Cam EBC-21xx version 1.12.0.25 and prior G-Cam EFD-22xx version 1.12.0.25 and prior G-Cam ETHC-22xx version 1.12.0.25 and prior G-Cam EWPC-22xx version 1.12.0.25 and prior

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202001-1489",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam ebc-2111",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2241",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ebc-2110",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2250",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2240",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2249",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ewpc-2270",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2230",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2239",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-code eec-2400",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2240",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ebc-2110",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ebc-2111",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-2240",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-2241",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2230",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2239",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2240",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2249",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-code/eec-2400",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "\u003c=1.12.0.25"
          },
          {
            "model": "g-code",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "\u003c=1.12.0.25"
          },
          {
            "model": "g-code/eec-2xxx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ewpc-22xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-22xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-22xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ebc-21xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-code/eec-2xxx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/ewpc-22xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/ethc-22xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/efd-22xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/ebc-21xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10958"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-code_eec-2400:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ebc-2110:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ebc-2111:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2240:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2241:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2230:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2240:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2239:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2249:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2270:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10958"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Romain Luyer and Guillaume Gronnier from CEIS, and Davy Douhine from RandoriSec reported these vulnerabilities to NCCIC., and Davy Douhine from RandoriSec, and Davy Douhine from RandoriSec.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-087"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-10958",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2019-10958",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-22345",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10958",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2019-10958",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-22345",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201906-087",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10958"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-087"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to network configuration to supply system commands to the server, leading to remote code execution as root. Geutebruck IP Camera G-Code and G-Cam In OS A command injection vulnerability exists.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. G-Cam is a web camera series launched by Geutebr\u00fcck. G-Code is an analog video encoder launched by Geutebr\u00fcck. \n\r\n\r\nGeutebr\u00fcck G-Cam and G-Code have OS command injection vulnerabilities. The vulnerability stems from the fact that external input data constructs executable commands for the operating system, and the network system or product does not properly filter special characters and commands. Attackers can use this vulnerability to execute illegal operating system commands. \nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user and inject and execute arbitrary commands. Other attacks are also possible. \nThe following products of Geutebruck are affected:\nG-Code EEC-2xxx version 1.12.0.25 and prior\nG-Cam EBC-21xx version 1.12.0.25 and prior\nG-Cam EFD-22xx version 1.12.0.25 and prior\nG-Cam ETHC-22xx version 1.12.0.25 and prior\nG-Cam EWPC-22xx version 1.12.0.25 and prior",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10958"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          },
          {
            "db": "BID",
            "id": "108579"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "ICS CERT",
            "id": "ICSA-19-155-03",
            "trust": 3.3
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10958",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "108579",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014196",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22345",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-087",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10958"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-087"
          }
        ]
      },
      "id": "VAR-202001-1489",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          }
        ],
        "trust": 1.5125
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:27:45.146000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/"
          },
          {
            "title": "Patch for Geutebr\u00fcck G-Cam and G-Code OS command injection vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/213555"
          },
          {
            "title": "Multiple Geutebr\u00fcck Product Command Injection Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=93176"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-087"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10958"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-155-03"
          },
          {
            "trust": 1.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-155-03"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10958"
          },
          {
            "trust": 0.9,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10958"
          },
          {
            "trust": 0.6,
            "url": "https://www.securityfocus.com/bid/108579"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10958"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-087"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10958"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-087"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          },
          {
            "date": "2019-06-05T00:00:00",
            "db": "BID",
            "id": "108579"
          },
          {
            "date": "2020-02-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          },
          {
            "date": "2020-01-17T18:15:12.260000",
            "db": "NVD",
            "id": "CVE-2019-10958"
          },
          {
            "date": "2019-06-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-087"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22345"
          },
          {
            "date": "2019-06-05T00:00:00",
            "db": "BID",
            "id": "108579"
          },
          {
            "date": "2020-02-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          },
          {
            "date": "2020-01-24T22:16:45.353000",
            "db": "NVD",
            "id": "CVE-2019-10958"
          },
          {
            "date": "2020-01-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-087"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-087"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Camera G-Code and  G-Cam In  OS Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014196"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-087"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202001-1488

    Vulnerability from variot - Updated: 2023-12-18 12:27

    Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in code execution within the user’s browser. Geutebruck IP Camera G-Code and G-Cam Contains a cross-site scripting vulnerability.The information may be obtained and the information may be falsified. G-Cam is a web camera series launched by Geutebrück. G-Code is an analog video encoder launched by Geutebrück.

    Geutebrück G-Cam and G-Code have cross-site scripting vulnerabilities. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code. Geutebruck G-Cam and G-Code are prone to an HTML-injection vulnerability and multiple OS command-injection vulnerabilities. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user and inject and execute arbitrary commands. Other attacks are also possible. The following products of Geutebruck are affected: G-Code EEC-2xxx version 1.12.0.25 and prior G-Cam EBC-21xx version 1.12.0.25 and prior G-Cam EFD-22xx version 1.12.0.25 and prior G-Cam ETHC-22xx version 1.12.0.25 and prior G-Cam EWPC-22xx version 1.12.0.25 and prior

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202001-1488",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam ebc-2111",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2241",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ebc-2110",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2250",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2240",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2249",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ewpc-2270",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2230",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam ethc-2239",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-code eec-2400",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam efd-2240",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "geutebrueck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ebc-2110",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ebc-2111",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-2240",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-2241",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2230",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2239",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2240",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-2249",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-code/eec-2400",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "\u003c=1.12.0.25"
          },
          {
            "model": "g-code",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "geutebruck",
            "version": "\u003c=1.12.0.25"
          },
          {
            "model": "g-code/eec-2xxx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ewpc-22xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ethc-22xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/efd-22xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-cam/ebc-21xx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.25"
          },
          {
            "model": "g-code/eec-2xxx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/ewpc-22xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/ethc-22xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/efd-22xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          },
          {
            "model": "g-cam/ebc-21xx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.13.2"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10957"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-code_eec-2400:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ebc-2110:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ebc-2111:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2240:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2241:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2230:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2240:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2239:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ethc-2249:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.12.0.25",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2270:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10957"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Romain Luyer and Guillaume Gronnier from CEIS, and Davy Douhine from RandoriSec reported these vulnerabilities to NCCIC., and Davy Douhine from RandoriSec, and Davy Douhine from RandoriSec., and Davy Douhine from RandoriSec reported these vulnerabilities to NCCIC",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-090"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-10957",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "LOW",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2019-10957",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2020-22347",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2019-10957",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2019-10957",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-22347",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201906-090",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-10957",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10957"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10957"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-090"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in code execution within the user\u2019s browser. Geutebruck IP Camera G-Code and G-Cam Contains a cross-site scripting vulnerability.The information may be obtained and the information may be falsified. G-Cam is a web camera series launched by Geutebr\u00fcck. G-Code is an analog video encoder launched by Geutebr\u00fcck. \n\r\n\r\nGeutebr\u00fcck G-Cam and G-Code have cross-site scripting vulnerabilities. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code. Geutebruck G-Cam and G-Code are prone to an HTML-injection vulnerability and multiple OS command-injection vulnerabilities. \nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user and inject and execute arbitrary commands. Other attacks are also possible. \nThe following products of Geutebruck are affected:\nG-Code EEC-2xxx version 1.12.0.25 and prior\nG-Cam EBC-21xx version 1.12.0.25 and prior\nG-Cam EFD-22xx version 1.12.0.25 and prior\nG-Cam ETHC-22xx version 1.12.0.25 and prior\nG-Cam EWPC-22xx version 1.12.0.25 and prior",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10957"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10957"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "ICS CERT",
            "id": "ICSA-19-155-03",
            "trust": 3.4
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10957",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "108579",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014195",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22347",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-090",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10957",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10957"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10957"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-090"
          }
        ]
      },
      "id": "VAR-202001-1488",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          }
        ],
        "trust": 1.5125
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:27:45.112000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/"
          },
          {
            "title": "Patch for Geutebr\u00fcck G-Cam and G-Code cross-site scripting vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/213551"
          },
          {
            "title": "Multiple Geutebr\u00fcck Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=93179"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-090"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10957"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-155-03"
          },
          {
            "trust": 1.6,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-155-03"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10957"
          },
          {
            "trust": 0.9,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10957"
          },
          {
            "trust": 0.6,
            "url": "https://www.securityfocus.com/bid/108579"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/162091"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10957"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10957"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-090"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10957"
          },
          {
            "db": "BID",
            "id": "108579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10957"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-090"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          },
          {
            "date": "2020-01-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-10957"
          },
          {
            "date": "2019-06-05T00:00:00",
            "db": "BID",
            "id": "108579"
          },
          {
            "date": "2020-02-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          },
          {
            "date": "2020-01-17T18:15:12.180000",
            "db": "NVD",
            "id": "CVE-2019-10957"
          },
          {
            "date": "2019-06-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-090"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22347"
          },
          {
            "date": "2020-02-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-10957"
          },
          {
            "date": "2019-06-05T00:00:00",
            "db": "BID",
            "id": "108579"
          },
          {
            "date": "2020-02-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          },
          {
            "date": "2023-02-01T16:27:37.857000",
            "db": "NVD",
            "id": "CVE-2019-10957"
          },
          {
            "date": "2020-02-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-090"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-090"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Camera G-Code and  G-Cam Vulnerable to cross-site scripting",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014195"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-090"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201803-2216

    Vulnerability from variot - Updated: 2023-12-18 12:18

    A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an unauthorized user to be added to the system. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. 1. An authentication-bypass vulnerability 2. A SQL-injection vulnerability 3. A cross-site request-forgery vulnerability 4. An access-bypass vulnerability 5. A security-bypass vulnerability 6. A cross-site scripting vulnerability Attackers may exploit these issues to gain unauthorized access to the affected device, or to bypass certain security restrictions to perform unauthorized actions, to compromise the application to access or modify data and to exploit vulnerabilities in the underlying database, to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or to execute arbitrary code within the context of the affected device. The following devices are vulnerable: Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Geutebruck Topline TopFD-2125 version 3.15.1. Geutebrück G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebrück company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201803-2216",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam/efd-2250",
            "scope": "eq",
            "trust": 1.7,
            "vendor": "geutebruck",
            "version": "1.12.0.4"
          },
          {
            "model": "g-cam\\/efd-2250",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "1.12.0.4"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "3.15.1"
          },
          {
            "model": "topline topfd-2125",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.19"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "g cam efd 2250",
            "version": "1.12.0.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "topfd 2125",
            "version": "3.15.1"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003344"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7524"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-763"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam\\/efd-2250_firmware:1.12.0.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam\\/efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:topfd-2125_firmware:3.15.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:topfd-2125:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7524"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Davy Douhine of RandoriSec and Nicolas Mattiocco of Greenlock.",
        "sources": [
          {
            "db": "BID",
            "id": "103474"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-7524",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2018-7524",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-06021",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-137556",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-7524",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-7524",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-06021",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201803-763",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137556",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137556"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003344"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7524"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-763"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an unauthorized user to be added to the system. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. \n1. An authentication-bypass vulnerability\n2. A SQL-injection vulnerability\n3. A cross-site request-forgery vulnerability\n4. An access-bypass vulnerability\n5. A security-bypass vulnerability\n6. A cross-site scripting vulnerability\nAttackers may exploit these issues to gain unauthorized access to the   affected device, or to bypass certain security restrictions to perform  unauthorized actions, to compromise the application to access or modify  data and to exploit vulnerabilities in the underlying database, to  execute arbitrary script code in the browser of an unsuspecting user in  the context of the affected site or to  execute arbitrary code within  the context of the  affected device. \nThe following devices are vulnerable:\nGeutebruck G-Cam/EFD-2250 version 1.12.0.4\nGeutebruck Topline TopFD-2125 version 3.15.1. Geutebr\u00fcck G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebr\u00fcck company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7524"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003344"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "IVD",
            "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137556"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7524",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-079-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "103474",
            "trust": 2.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-763",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003344",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2E8F6E1-39AB-11E9-AC0F-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137556",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137556"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003344"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7524"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-763"
          }
        ]
      },
      "id": "VAR-201803-2216",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137556"
          }
        ],
        "trust": 1.7595238
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT",
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:18:58.558000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "title": "GeutebruckIPCameras cross-site request forgery vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/122843"
          },
          {
            "title": "Geutebr\u00fcck G-Cam/EFD-2250  and Topline TopFD-2125 Fixes for cross-site request forgery vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79349"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-763"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137556"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003344"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7524"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-079-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/103474"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7524"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7524"
          },
          {
            "trust": 0.3,
            "url": "http://www.geutebrueck.com/en_en/product-overview-31934.html"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137556"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003344"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7524"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-763"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137556"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003344"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7524"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-763"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "IVD",
            "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137556"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003344"
          },
          {
            "date": "2018-03-22T18:29:01.027000",
            "db": "NVD",
            "id": "CVE-2018-7524"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-763"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137556"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003344"
          },
          {
            "date": "2019-10-09T23:42:23.003000",
            "db": "NVD",
            "id": "CVE-2018-7524"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-763"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-763"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Cameras Cross-Site Request Forgery Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e1-39ab-11e9-ac0f-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06021"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "cross-site request forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-763"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201803-2221

    Vulnerability from variot - Updated: 2023-12-18 12:18

    Unauthentication vulnerabilities have been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution. Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. GeutebruckIPCameras has a remote code execution vulnerability that an attacker can exploit to execute arbitrary code. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. 1. An authentication-bypass vulnerability 2. A SQL-injection vulnerability 3. A cross-site request-forgery vulnerability 4. An access-bypass vulnerability 5. A security-bypass vulnerability 6. A cross-site scripting vulnerability Attackers may exploit these issues to gain unauthorized access to the affected device, or to bypass certain security restrictions to perform unauthorized actions, to compromise the application to access or modify data and to exploit vulnerabilities in the underlying database, to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or to execute arbitrary code within the context of the affected device. The following devices are vulnerable: Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Geutebruck Topline TopFD-2125 version 3.15.1. Geutebrück G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebrück company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201803-2221",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam/efd-2250",
            "scope": "eq",
            "trust": 1.7,
            "vendor": "geutebruck",
            "version": "1.12.0.4"
          },
          {
            "model": "g-cam\\/efd-2250",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "1.12.0.4"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "3.15.1"
          },
          {
            "model": "topline topfd-2125",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.19"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "g cam efd 2250",
            "version": "1.12.0.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "topfd 2125",
            "version": "3.15.1"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003346"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7532"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-761"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam\\/efd-2250_firmware:1.12.0.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam\\/efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:topfd-2125_firmware:3.15.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:topfd-2125:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7532"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Davy Douhine of RandoriSec and Nicolas Mattiocco of Greenlock.",
        "sources": [
          {
            "db": "BID",
            "id": "103474"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-7532",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": true,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2018-7532",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-06019",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-137564",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-7532",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-7532",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-06019",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201803-761",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137564",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137564"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003346"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7532"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-761"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unauthentication vulnerabilities have been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution. Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. GeutebruckIPCameras has a remote code execution vulnerability that an attacker can exploit to execute arbitrary code. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. \n1. An authentication-bypass vulnerability\n2. A SQL-injection vulnerability\n3. A cross-site request-forgery vulnerability\n4. An access-bypass vulnerability\n5. A security-bypass vulnerability\n6. A cross-site scripting vulnerability\nAttackers may exploit these issues to gain unauthorized access to the   affected device, or to bypass certain security restrictions to perform  unauthorized actions, to compromise the application to access or modify  data and to exploit vulnerabilities in the underlying database, to  execute arbitrary script code in the browser of an unsuspecting user in  the context of the affected site or to  execute arbitrary code within  the context of the  affected device. \nThe following devices are vulnerable:\nGeutebruck G-Cam/EFD-2250 version 1.12.0.4\nGeutebruck Topline TopFD-2125 version 3.15.1. Geutebr\u00fcck G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebr\u00fcck company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7532"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003346"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "IVD",
            "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137564"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7532",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-079-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "103474",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-761",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003346",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2E6FB10-39AB-11E9-8292-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137564",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137564"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003346"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7532"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-761"
          }
        ]
      },
      "id": "VAR-201803-2221",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137564"
          }
        ],
        "trust": 1.7595238
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT",
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:18:58.513000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "title": "Patch for Geutebruck IPCameras Remote Code Execution Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/122847"
          },
          {
            "title": "Geutebr\u00fcck G-Cam/EFD-2250  and Topline TopFD-2125 Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79347"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003346"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-761"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137564"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003346"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7532"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-079-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/103474"
          },
          {
            "trust": 1.7,
            "url": "https://randorisec.fr/0day-anonymous-rce-on-geutebruck-ip-cameras-again/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7532"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7532"
          },
          {
            "trust": 0.3,
            "url": "http://www.geutebrueck.com/en_en/product-overview-31934.html"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137564"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003346"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7532"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-761"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137564"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003346"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7532"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-761"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "IVD",
            "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137564"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003346"
          },
          {
            "date": "2018-03-22T18:29:01.137000",
            "db": "NVD",
            "id": "CVE-2018-7532"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-761"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137564"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003346"
          },
          {
            "date": "2019-10-09T23:42:23.830000",
            "db": "NVD",
            "id": "CVE-2018-7532"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-761"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-761"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Cameras Remote code execution vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb10-39ab-11e9-8292-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06019"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-761"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201803-2210

    Vulnerability from variot - Updated: 2023-12-18 12:18

    A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. There is a server-side request forgery vulnerability in GeutebruckIPCameras, which can be exploited by attackers. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. 1. An authentication-bypass vulnerability 2. A SQL-injection vulnerability 3. A cross-site request-forgery vulnerability 4. An access-bypass vulnerability 5. A security-bypass vulnerability 6. A cross-site scripting vulnerability Attackers may exploit these issues to gain unauthorized access to the affected device, or to bypass certain security restrictions to perform unauthorized actions, to compromise the application to access or modify data and to exploit vulnerabilities in the underlying database, to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or to execute arbitrary code within the context of the affected device. The following devices are vulnerable: Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Geutebruck Topline TopFD-2125 version 3.15.1. Geutebrück G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebrück company. An attacker could exploit this vulnerability to scan proxy networks

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201803-2210",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam/efd-2250",
            "scope": "eq",
            "trust": 1.7,
            "vendor": "geutebruck",
            "version": "1.12.0.4"
          },
          {
            "model": "g-cam\\/efd-2250",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "1.12.0.4"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "3.15.1"
          },
          {
            "model": "topline topfd-2125",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.19"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "g cam efd 2250",
            "version": "1.12.0.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "topfd 2125",
            "version": "3.15.1"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e7221e-39ab-11e9-a995-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-765"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam\\/efd-2250_firmware:1.12.0.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam\\/efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:topfd-2125_firmware:3.15.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:topfd-2125:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7516"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Davy Douhine of RandoriSec and Nicolas Mattiocco of Greenlock.",
        "sources": [
          {
            "db": "BID",
            "id": "103474"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-7516",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2018-7516",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-06022",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "e2e7221e-39ab-11e9-a995-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-137548",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 3.9,
                "impactScore": 3.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "Low",
                "baseScore": 7.3,
                "baseSeverity": "High",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2018-7516",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-7516",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-06022",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201803-765",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2e7221e-39ab-11e9-a995-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137548",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e7221e-39ab-11e9-a995-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-765"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. There is a server-side request forgery vulnerability in GeutebruckIPCameras, which can be exploited by attackers. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. \n1. An authentication-bypass vulnerability\n2. A SQL-injection vulnerability\n3. A cross-site request-forgery vulnerability\n4. An access-bypass vulnerability\n5. A security-bypass vulnerability\n6. A cross-site scripting vulnerability\nAttackers may exploit these issues to gain unauthorized access to the   affected device, or to bypass certain security restrictions to perform  unauthorized actions, to compromise the application to access or modify  data and to exploit vulnerabilities in the underlying database, to  execute arbitrary script code in the browser of an unsuspecting user in  the context of the affected site or to  execute arbitrary code within  the context of the  affected device. \nThe following devices are vulnerable:\nGeutebruck G-Cam/EFD-2250 version 1.12.0.4\nGeutebruck Topline TopFD-2125 version 3.15.1. Geutebr\u00fcck G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebr\u00fcck company. An attacker could exploit this vulnerability to scan proxy networks",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7516"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "IVD",
            "id": "e2e7221e-39ab-11e9-a995-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137548"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7516",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-079-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "103474",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-765",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06022",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003342",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2E7221E-39AB-11E9-A995-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137548",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e7221e-39ab-11e9-a995-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137548"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-765"
          }
        ]
      },
      "id": "VAR-201803-2210",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e7221e-39ab-11e9-a995-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137548"
          }
        ],
        "trust": 1.7595238
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT",
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e7221e-39ab-11e9-a995-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:18:58.474000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "title": "Patch for Geutebruck IPCameras Cross-Site Request Forgery Vulnerability (CNVD-2018-06022)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/122841"
          },
          {
            "title": "Geutebr\u00fcck G-Cam/EFD-2250  and Topline TopFD-2125 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79351"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-765"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-918",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7516"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-079-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/103474"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7516"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7516"
          },
          {
            "trust": 0.3,
            "url": "http://www.geutebrueck.com/en_en/product-overview-31934.html"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137548"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-765"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e7221e-39ab-11e9-a995-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137548"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-765"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "IVD",
            "id": "e2e7221e-39ab-11e9-a995-000c29342cb1"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137548"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          },
          {
            "date": "2018-03-22T18:29:00.900000",
            "db": "NVD",
            "id": "CVE-2018-7516"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-765"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06022"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137548"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          },
          {
            "date": "2019-10-09T23:42:22.080000",
            "db": "NVD",
            "id": "CVE-2018-7516"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-765"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-765"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck G-Cam/EFD-2250 and  Topline TopFD-2125 Server-side request forgery vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003342"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Code problem",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e7221e-39ab-11e9-a995-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-765"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201803-2218

    Vulnerability from variot - Updated: 2023-12-18 12:18

    An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an attacker to alter stored data. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. 1. An authentication-bypass vulnerability 2. A SQL-injection vulnerability 3. A cross-site request-forgery vulnerability 4. An access-bypass vulnerability 5. A security-bypass vulnerability 6. A cross-site scripting vulnerability Attackers may exploit these issues to gain unauthorized access to the affected device, or to bypass certain security restrictions to perform unauthorized actions, to compromise the application to access or modify data and to exploit vulnerabilities in the underlying database, to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or to execute arbitrary code within the context of the affected device. The following devices are vulnerable: Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Geutebruck Topline TopFD-2125 version 3.15.1. Geutebrück G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebrück company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201803-2218",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam/efd-2250",
            "scope": "eq",
            "trust": 1.7,
            "vendor": "geutebruck",
            "version": "1.12.0.4"
          },
          {
            "model": "g-cam\\/efd-2250",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "1.12.0.4"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "3.15.1"
          },
          {
            "model": "topline topfd-2125",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.19"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "g cam efd 2250",
            "version": "1.12.0.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "topfd 2125",
            "version": "3.15.1"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e94500-39ab-11e9-a236-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-762"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam\\/efd-2250_firmware:1.12.0.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam\\/efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:topfd-2125_firmware:3.15.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:topfd-2125:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7528"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Davy Douhine of RandoriSec and Nicolas Mattiocco of Greenlock.",
        "sources": [
          {
            "db": "BID",
            "id": "103474"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-7528",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.4,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2018-7528",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 9.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-06024",
                "impactScore": 9.2,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 9.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e2e94500-39ab-11e9-a236-000c29342cb1",
                "impactScore": 9.2,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-137560",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 9.1,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-7528",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-7528",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-06024",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201803-762",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "e2e94500-39ab-11e9-a236-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137560",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e94500-39ab-11e9-a236-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137560"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-762"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an attacker to alter stored data. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. \n1. An authentication-bypass vulnerability\n2. A SQL-injection vulnerability\n3. A cross-site request-forgery vulnerability\n4. An access-bypass vulnerability\n5. A security-bypass vulnerability\n6. A cross-site scripting vulnerability\nAttackers may exploit these issues to gain unauthorized access to the   affected device, or to bypass certain security restrictions to perform  unauthorized actions, to compromise the application to access or modify  data and to exploit vulnerabilities in the underlying database, to  execute arbitrary script code in the browser of an unsuspecting user in  the context of the affected site or to  execute arbitrary code within  the context of the  affected device. \nThe following devices are vulnerable:\nGeutebruck G-Cam/EFD-2250 version 1.12.0.4\nGeutebruck Topline TopFD-2125 version 3.15.1. Geutebr\u00fcck G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebr\u00fcck company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7528"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "IVD",
            "id": "e2e94500-39ab-11e9-a236-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137560"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7528",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-079-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "103474",
            "trust": 2.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06024",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-762",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003345",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2E94500-39AB-11E9-A236-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137560",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e94500-39ab-11e9-a236-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137560"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-762"
          }
        ]
      },
      "id": "VAR-201803-2218",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e94500-39ab-11e9-a236-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137560"
          }
        ],
        "trust": 1.7595238
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT",
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e94500-39ab-11e9-a236-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:18:58.437000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "title": "GeutebruckIPCamerasSQL injection vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/122849"
          },
          {
            "title": "Geutebr\u00fcck G-Cam/EFD-2250  and Topline TopFD-2125 SQL Repair measures for injecting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79348"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-762"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-89",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137560"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7528"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-079-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/103474"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7528"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7528"
          },
          {
            "trust": 0.3,
            "url": "http://www.geutebrueck.com/en_en/product-overview-31934.html"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137560"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-762"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e94500-39ab-11e9-a236-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137560"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-762"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "IVD",
            "id": "e2e94500-39ab-11e9-a236-000c29342cb1"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137560"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          },
          {
            "date": "2018-03-22T18:29:01.087000",
            "db": "NVD",
            "id": "CVE-2018-7528"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-762"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06024"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137560"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          },
          {
            "date": "2019-10-09T23:42:23.377000",
            "db": "NVD",
            "id": "CVE-2018-7528"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-762"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-762"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck G-Cam/EFD-2250 and  Topline TopFD-2125 In  SQL Injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003345"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e94500-39ab-11e9-a236-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-762"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201803-2207

    Vulnerability from variot - Updated: 2023-12-18 12:18

    A cross-site scripting vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution. Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. 1. An authentication-bypass vulnerability 2. A SQL-injection vulnerability 3. A cross-site request-forgery vulnerability 4. An access-bypass vulnerability 5. A security-bypass vulnerability 6. A cross-site scripting vulnerability Attackers may exploit these issues to gain unauthorized access to the affected device, or to bypass certain security restrictions to perform unauthorized actions, to compromise the application to access or modify data and to exploit vulnerabilities in the underlying database, to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or to execute arbitrary code within the context of the affected device. The following devices are vulnerable: Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Geutebruck Topline TopFD-2125 version 3.15.1. Geutebrück G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebrück company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201803-2207",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam/efd-2250",
            "scope": "eq",
            "trust": 1.7,
            "vendor": "geutebruck",
            "version": "1.12.0.4"
          },
          {
            "model": "g-cam\\/efd-2250",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "1.12.0.4"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "3.15.1"
          },
          {
            "model": "topline topfd-2125",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.19"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "g cam efd 2250",
            "version": "1.12.0.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "topfd 2125",
            "version": "3.15.1"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-766"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam\\/efd-2250_firmware:1.12.0.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam\\/efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:topfd-2125_firmware:3.15.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:topfd-2125:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7512"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Davy Douhine of RandoriSec and Nicolas Mattiocco of Greenlock.",
        "sources": [
          {
            "db": "BID",
            "id": "103474"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-7512",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2018-7512",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-06023",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-137544",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2018-7512",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-7512",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-06023",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201803-766",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137544",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137544"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-766"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A cross-site scripting vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution. Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. \n1. An authentication-bypass vulnerability\n2. A SQL-injection vulnerability\n3. A cross-site request-forgery vulnerability\n4. An access-bypass vulnerability\n5. A security-bypass vulnerability\n6. A cross-site scripting vulnerability\nAttackers may exploit these issues to gain unauthorized access to the   affected device, or to bypass certain security restrictions to perform  unauthorized actions, to compromise the application to access or modify  data and to exploit vulnerabilities in the underlying database, to  execute arbitrary script code in the browser of an unsuspecting user in  the context of the affected site or to  execute arbitrary code within  the context of the  affected device. \nThe following devices are vulnerable:\nGeutebruck G-Cam/EFD-2250 version 1.12.0.4\nGeutebruck Topline TopFD-2125 version 3.15.1. Geutebr\u00fcck G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebr\u00fcck company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7512"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003341"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "IVD",
            "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137544"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7512",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-079-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "103474",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-766",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003341",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2E6FB0F-39AB-11E9-B666-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137544",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137544"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-766"
          }
        ]
      },
      "id": "VAR-201803-2207",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137544"
          }
        ],
        "trust": 1.7595238
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:18:58.399000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "title": "Patch for Geutebruck IPCameras Cross-Site Scripting Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/122839"
          },
          {
            "title": "Geutebr\u00fcck G-Cam/EFD-2250  and Topline TopFD-2125 Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79352"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003341"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-766"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137544"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7512"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-079-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/103474"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7512"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7512"
          },
          {
            "trust": 0.3,
            "url": "http://www.geutebrueck.com/en_en/product-overview-31934.html"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137544"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-766"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137544"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-766"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "IVD",
            "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137544"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003341"
          },
          {
            "date": "2018-03-22T18:29:00.837000",
            "db": "NVD",
            "id": "CVE-2018-7512"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-766"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137544"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003341"
          },
          {
            "date": "2019-10-09T23:42:21.267000",
            "db": "NVD",
            "id": "CVE-2018-7512"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-766"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-766"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Cameras Cross-Site Scripting Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6fb0f-39ab-11e9-b666-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06023"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-766"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201803-2213

    Vulnerability from variot - Updated: 2023-12-18 12:18

    An improper access control vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could allow a full configuration download, including passwords. Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. 1. An authentication-bypass vulnerability 2. A SQL-injection vulnerability 3. A cross-site request-forgery vulnerability 4. An access-bypass vulnerability 5. A security-bypass vulnerability 6. A cross-site scripting vulnerability Attackers may exploit these issues to gain unauthorized access to the affected device, or to bypass certain security restrictions to perform unauthorized actions, to compromise the application to access or modify data and to exploit vulnerabilities in the underlying database, to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or to execute arbitrary code within the context of the affected device. The following devices are vulnerable: Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Geutebruck Topline TopFD-2125 version 3.15.1. Geutebrück G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebrück company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201803-2213",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "g-cam/efd-2250",
            "scope": "eq",
            "trust": 1.7,
            "vendor": "geutebruck",
            "version": "1.12.0.4"
          },
          {
            "model": "g-cam\\/efd-2250",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "1.12.0.4"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "geutebrueck",
            "version": "3.15.1"
          },
          {
            "model": "topline topfd-2125",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "topfd-2125",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "geutebruck",
            "version": "3.15.1"
          },
          {
            "model": "g-cam/efd-2250",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "geutebruck",
            "version": "1.12.0.19"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "g cam efd 2250",
            "version": "1.12.0.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "topfd 2125",
            "version": "3.15.1"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003343"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7520"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-764"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:g-cam\\/efd-2250_firmware:1.12.0.4:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:g-cam\\/efd-2250:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:geutebrueck:topfd-2125_firmware:3.15.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:geutebrueck:topfd-2125:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7520"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Davy Douhine of RandoriSec and Nicolas Mattiocco of Greenlock.",
        "sources": [
          {
            "db": "BID",
            "id": "103474"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-7520",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2018-7520",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-06020",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-137552",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-7520",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-7520",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-06020",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201803-764",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137552",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137552"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003343"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7520"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-764"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An improper access control vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could allow a full configuration download, including passwords. Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The G-Cam/EFD-2250 and ToplineTopFD-2125 are both high-definition cameras from Geutebruck. Multiple Geutebruck devices are prone to the following multiple security vulnerabilities. \n1. An authentication-bypass vulnerability\n2. A SQL-injection vulnerability\n3. A cross-site request-forgery vulnerability\n4. An access-bypass vulnerability\n5. A security-bypass vulnerability\n6. A cross-site scripting vulnerability\nAttackers may exploit these issues to gain unauthorized access to the   affected device, or to bypass certain security restrictions to perform  unauthorized actions, to compromise the application to access or modify  data and to exploit vulnerabilities in the underlying database, to  execute arbitrary script code in the browser of an unsuspecting user in  the context of the affected site or to  execute arbitrary code within  the context of the  affected device. \nThe following devices are vulnerable:\nGeutebruck G-Cam/EFD-2250 version 1.12.0.4\nGeutebruck Topline TopFD-2125 version 3.15.1. Geutebr\u00fcck G-Cam/EFD-2250 and Topline TopFD-2125 are IP camera products of German Geutebr\u00fcck company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7520"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "IVD",
            "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137552"
          }
        ],
        "trust": 2.7
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-137552",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137552"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7520",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-079-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "103474",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-764",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003343",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2E8F6E2-39AB-11E9-B0E9-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "148380",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-137552",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137552"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003343"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7520"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-764"
          }
        ]
      },
      "id": "VAR-201803-2213",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137552"
          }
        ],
        "trust": 1.7595238
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT",
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:18:58.361000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.geutebrueck.com/en_en.html"
          },
          {
            "title": "GeutebruckIPCameras patch for incorrect access control vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/122845"
          },
          {
            "title": "Geutebr\u00fcck G-Cam/EFD-2250  and Topline TopFD-2125 Fixes for access control error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79350"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003343"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-764"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137552"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003343"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7520"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-079-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/103474"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7520"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7520"
          },
          {
            "trust": 0.3,
            "url": "http://www.geutebrueck.com/en_en/product-overview-31934.html"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137552"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003343"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7520"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-764"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137552"
          },
          {
            "db": "BID",
            "id": "103474"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003343"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7520"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-764"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "IVD",
            "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137552"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003343"
          },
          {
            "date": "2018-03-22T18:29:00.963000",
            "db": "NVD",
            "id": "CVE-2018-7520"
          },
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-764"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          },
          {
            "date": "2020-10-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137552"
          },
          {
            "date": "2018-03-20T00:00:00",
            "db": "BID",
            "id": "103474"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003343"
          },
          {
            "date": "2020-10-02T14:53:05.433000",
            "db": "NVD",
            "id": "CVE-2018-7520"
          },
          {
            "date": "2020-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201803-764"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-764"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Geutebruck IP Cameras Incorrect access control vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e8f6e2-39ab-11e9-b0e9-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-06020"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201803-764"
          }
        ],
        "trust": 0.6
      }
    }