CVE-2013-1594
published 2020-01-24CVE-2013-1594: An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials…
PriorityP356high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
7.33%
93.6th percentile
An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vivotek | pt7135_firmware | — | — |
| vivotek | pt7135_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Proxy or IDS should filter HTTP requests containing '/../../' and 'getparam.cgi' to block path traversal and information disclosure attempts. ↗
- →Monitor RTSP traffic on TCP port 554 for oversized Authorization: Basic headers (1000–10000+ characters of repeated 'a'/0x61) indicating CVE-2013-1595 buffer overflow attempts against the same device/firmware. ↗
- →Filter or alert on the parameter 'system.ntp' in requests to the process 'farseer.out' to detect OS command injection attempts (CVE-2013-1598). ↗
- ·CVE-2013-1598 command injection is pre-authentication on firmware 0300a but requires post-authentication on firmware 0400a; detection/blocking logic should account for this difference. ↗
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://www.exploit-db.com/exploits/25139http://www.securityfocus.com/bid/59572https://exchange.xforce.ibmcloud.com/vulnerabilities/83943https://github.com/offensive-security/exploitdb/blob/master/exploits/hardware/webapps/25139.txthttps://packetstormsecurity.com/files/cve/CVE-2013-1594https://www.coresecurity.com/advisories/vivotek-ip-cameras-multiple-vulnerabilitieshttp://www.exploit-db.com/exploits/25139http://www.securityfocus.com/bid/59572https://exchange.xforce.ibmcloud.com/vulnerabilities/83943https://github.com/offensive-security/exploitdb/blob/master/exploits/hardware/webapps/25139.txthttps://packetstormsecurity.com/files/cve/CVE-2013-1594https://www.coresecurity.com/advisories/vivotek-ip-cameras-multiple-vulnerabilities
2020-01-24
Published