CVE-2018-19007
CRITICALGeutebrueck E2 Camera Series < 1.12.0.25 - OS Command Injection via DDNS Configuration
Title source: llmDescription
In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106208
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03
Scores
CVSS v3
9.8
EPSS
0.0388
EPSS Percentile
88.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (2)
geutebrueck/g-cam\/efd-2251_firmware
< 1.12.0.25
geutebrueck/g-cam\/ewpc-2275_firmware
< 1.12.0.25
Published
Dec 14, 2018
Tracked Since
Feb 18, 2026