EXPLOITDB-EDB-37532

EXPLOITDB text VERIFIED WORKING POC
Exploit for CVE-2015-2279 - Airlive Bu-2015 Firmware - OS Command Injection
AI Analysis

The exploit demonstrates OS command injection vulnerabilities in AirLive IP cameras via the `cgi_test.cgi` and `wireless_mft.cgi` binaries. It allows unauthenticated remote command execution through crafted HTTP requests.

Attack Type
RCE
Complexity
trivial
Reliability
reliable
MITRE ATT&CK
T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter
Loading exploit code...
Download ZIP Password: eip
Source
Platform Exploitdb
Type webapps
Platform hardware
Language text
Files 1
Authors
Core Security Nahuel Riva
Vulnerability
CVE-2015-2279
Airlive Bu-2015 Firmware - OS Command Injection
CRITICAL
CVSS 9.8