Geutebrueck G-Cam Ebc-2110 Firmware vulnerabilities
16 known vulnerabilities affecting geutebrueck/g-cam_ebc-2110_firmware.
Total CVEs
16
CISA KEV
0
Public exploits
10
Exploited in wild
8
Severity breakdown
CRITICAL1HIGH14MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-33544P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33544 [HIGH] CWE-78 CVE-2021-33544: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33549P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33549 [HIGH] CWE-121 CVE-2021-33549: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-ba
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33548P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33548 [HIGH] CWE-78 CVE-2021-33548: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33550P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33550 [HIGH] CWE-78 CVE-2021-33550: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33554P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33554 [HIGH] CWE-78 CVE-2021-33554: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33551P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33551 [HIGH] CWE-78 CVE-2021-33551: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33552P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33552 [HIGH] CWE-78 CVE-2021-33552: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33553P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33553 [HIGH] CWE-78 CVE-2021-33553: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33543P1CRITICALCVSS 9.8PoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33543 [CRITICAL] CWE-306 CVE-2021-33543: Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote
Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service.
nvd
CVE-2020-16205P2HIGHCVSS 7.2PoCv1.12.0.25v1.12.13.2+1 more2020-08-14
CVE-2020-16205 [HIGH] CWE-78 CVE-2020-16205: Using a specially crafted URL command, a remote authenticated user can execute commands as root on t
Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5).
nvd
CVE-2019-10958P3HIGHCVSS 7.2≤ 1.12.0.252020-01-17
CVE-2019-10958 [HIGH] CWE-78 CVE-2019-10958: Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to network configuration to supply system commands to the server, leading to remote code execution as root.
nvd
CVE-2019-10956P3HIGHCVSS 7.2≤ 1.12.0.252020-01-17
CVE-2019-10956 [HIGH] CWE-78 CVE-2019-10956: Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root.
nvd
CVE-2021-33545P3HIGHCVSS 7.2≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33545 [HIGH] CWE-121 CVE-2021-33545: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-ba
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33546P3HIGHCVSS 7.2≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33546 [HIGH] CWE-121 CVE-2021-33546: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-ba
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33547P3HIGHCVSS 7.2≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33547 [HIGH] CWE-121 CVE-2021-33547: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-ba
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2019-10957P4MEDIUMCVSS 4.8≤ 1.12.0.252020-01-17
CVE-2019-10957 [MEDIUM] CWE-79 CVE-2019-10957: Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in code execution within the user’s browser.
nvd