Efm Networks Multimedia Iptime C200 Ip Camera vulnerabilities
3 known vulnerabilities affecting efm_networks_multimedia/iptime_c200_ip_camera.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2021-26614P2CRITICALCVSS 9.8≥ 1.058, ≤ 1.0582021-11-22
CVE-2021-26614 [CRITICAL] CWE-749 CVE-2021-26614: ius_get.cgi in IpTime C200 camera allows remote code execution. A remote attacker may send a crafted
ius_get.cgi in IpTime C200 camera allows remote code execution. A remote attacker may send a crafted parameters to the exposed vulnerable web service interface which invokes the arbitrary shell command.
nvd
CVE-2020-7879P3CRITICALCVSS 9.8≥ 1.0.16, ≤ 1.0.162021-11-30
CVE-2020-7879 [CRITICAL] CWE-78 CVE-2020-7879: This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie('[COOKIE]') . The value is transferred to the --header option in wget binary, and there is no validation check. This vulnerability allows remote attackers to exe
nvd
CVE-2020-7848P3HIGHCVSS 8.0≥ 1.0.12, ≤ 1.0.122021-02-17
CVE-2020-7848 [HIGH] CWE-20 CVE-2020-7848: The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=
The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary OS commands via cookie value.
nvd