CVE-2018-19007
published 2018-12-14CVE-2018-19007: In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system…
PriorityP265critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
3.88%
88.9th percentile
In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| geutebrueck | g-cam_efd-2251_firmware | < 1.12.0.25 | 1.12.0.25 |
| geutebrueck | g-cam_ewpc-2275_firmware | < 1.12.0.25 | 1.12.0.25 |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerable attack surface is the DDNS configuration panel (Network Configuration panel) of Geutebrück E2 series cameras — monitor for unexpected or malformed HTTP requests targeting DDNS configuration endpoints on these devices. ↗
- →Exploitation requires high-privilege (admin-level) remote access; monitor for authenticated sessions on E2 camera web interfaces followed by DDNS configuration changes, especially those containing shell metacharacters (e.g., ;, |, $(), backticks). ↗
- →Affected firmware versions are strictly prior to 1.12.0.25 on Geutebrück E2 series IP cameras — inventory and flag any such devices running older firmware as high-risk. ↗
- ·No known public exploits were available at the time of the advisory, limiting the ability to derive concrete exploit-based IOCs. ↗
- ·The injection occurs as root, meaning successful exploitation grants full OS-level access; post-exploitation activity (new processes, outbound connections) spawned from the camera's web server process should be treated as high-confidence indicators of compromise. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jp9c-gmhj-f22f: In Geutebrueck GmbH E2 Camera Series versions prior to 1
ghsa_unreviewed·2022-05-13
CVE-2018-19007 [CRITICAL] CWE-78 GHSA-jp9c-gmhj-f22f: In Geutebrueck GmbH E2 Camera Series versions prior to 1
In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.
CISA ICS
Geutebrück GmbH E2 Series IP Cameras
cisa_ics·2018-12-13·CVSS 9.8
[CRITICAL] Geutebrück GmbH E2 Series IP Cameras
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Geutebrück GmbH E2 Series IP Cameras
Last RevisedDecember 13, 2018
Alert CodeICSA-18-347-03
## 1. EXECUTIVE SUMMARY
-
CVSS v3 7.2
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Geutebrück GmbH
- Equipment: E2 Camera Series
- Vulnerability: OS Command Injection
## 2. RISK EVALUATION
Successful exploitation of this vulnerability may allow a remote attacker to inject OS commands as root.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Geutebrück reports the vulnerability affect the following IP cameras:
E2 series cameras running firmware versions
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-12-14
Published