CVE-2021-33549

HIGH EXPLOITED IN THE WILD

Multiple Camera Devices - Buffer Overflow

Title source: llm

Description

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code.

Exploits (1)

metasploit WORKING POC EXCELLENT

by Titouan Lazard - RandoriSec, Ibrahim Ayadhi - RandoriSec · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/geutebruck_instantrec_bof.rb

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] http://packetstormsecurity.com/files/164191/Geutebruck-instantrec-Remote-Command-Execution.html

[Third Party Advisory, US Government Resource] https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03

[Exploit, Third Party Advisory] https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/

Scores

CVSS v3 7.2

EPSS 0.8873

EPSS Percentile 99.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-10-09

InTheWild.io 2023-10-10

CWE

CWE-121

Status published

Products (48)

geutebrueck/g-cam_ebc-2110_firmware 1.12.13.2

geutebrueck/g-cam_ebc-2110_firmware 1.12.14.5

geutebrueck/g-cam_ebc-2110_firmware < 1.12.0.27

geutebrueck/g-cam_ebc-2111_firmware 1.12.13.2

geutebrueck/g-cam_ebc-2111_firmware 1.12.14.5

geutebrueck/g-cam_ebc-2111_firmware < 1.12.0.27

geutebrueck/g-cam_ebc-2112_firmware 1.12.13.2

geutebrueck/g-cam_ebc-2112_firmware 1.12.14.5

geutebrueck/g-cam_ebc-2112_firmware < 1.12.0.27

geutebrueck/g-cam_efd-2241_firmware 1.12.13.2

... and 38 more

Published Sep 13, 2021

Tracked Since Feb 18, 2026