CVE-2019-10956
HIGHGeutebrueck G-code Eec-2400 Firmware - OS Command Injection
Title source: ruleDescription
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/ICSA-19-155-03
Scores
CVSS v3
7.2
EPSS
0.0271
EPSS Percentile
84.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (11)
geutebrueck/g-cam_ebc-2110_firmware
< 1.12.0.25
geutebrueck/g-cam_ebc-2111_firmware
< 1.12.0.25
geutebrueck/g-cam_efd-2240_firmware
< 1.12.0.25
geutebrueck/g-cam_efd-2241_firmware
< 1.12.0.25
geutebrueck/g-cam_efd-2250_firmware
< 1.12.0.25
geutebrueck/g-cam_ethc-2230_firmware
< 1.12.0.25
geutebrueck/g-cam_ethc-2239_firmware
< 1.12.0.25
geutebrueck/g-cam_ethc-2240_firmware
< 1.12.0.25
geutebrueck/g-cam_ethc-2249_firmware
< 1.12.0.25
geutebrueck/g-cam_ewpc-2270_firmware
< 1.12.0.25
... and 1 more
Published
Jan 17, 2020
Tracked Since
Feb 18, 2026