cbcvebase.
CVE-2018-19007
published 2018-12-14

CVE-2018-19007: In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system…

PriorityP265critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
3.88%
88.9th percentile
In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.

Affected

2 ranges
VendorProductVersion rangeFixed in
geutebrueckg-cam_efd-2251_firmware< 1.12.0.251.12.0.25
geutebrueckg-cam_ewpc-2275_firmware< 1.12.0.251.12.0.25

Detection & IOCsextracted from sources · hover to see the quote

  • The vulnerable attack surface is the DDNS configuration panel (Network Configuration panel) of Geutebrück E2 series cameras — monitor for unexpected or malformed HTTP requests targeting DDNS configuration endpoints on these devices.
  • Exploitation requires high-privilege (admin-level) remote access; monitor for authenticated sessions on E2 camera web interfaces followed by DDNS configuration changes, especially those containing shell metacharacters (e.g., ;, |, $(), backticks).
  • Affected firmware versions are strictly prior to 1.12.0.25 on Geutebrück E2 series IP cameras — inventory and flag any such devices running older firmware as high-risk.
  • ·No known public exploits were available at the time of the advisory, limiting the ability to derive concrete exploit-based IOCs.
  • ·The injection occurs as root, meaning successful exploitation grants full OS-level access; post-exploitation activity (new processes, outbound connections) spawned from the camera's web server process should be treated as high-confidence indicators of compromise.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.