Geutebrueck G-Cam Efd-2250 Firmware vulnerabilities
22 known vulnerabilities affecting geutebrueck/g-cam_efd-2250_firmware.
Total CVEs
22
CISA KEV
0
Public exploits
11
Exploited in wild
8
Severity breakdown
CRITICAL4HIGH16MEDIUM2
Vulnerabilities
Page 1 of 2
CVE-2021-33544P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33544 [HIGH] CWE-78 CVE-2021-33544: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33549P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33549 [HIGH] CWE-121 CVE-2021-33549: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-ba
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33548P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33548 [HIGH] CWE-78 CVE-2021-33548: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33550P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33550 [HIGH] CWE-78 CVE-2021-33550: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33554P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33554 [HIGH] CWE-78 CVE-2021-33554: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33551P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33551 [HIGH] CWE-78 CVE-2021-33551: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33552P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33552 [HIGH] CWE-78 CVE-2021-33552: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33553P1HIGHCVSS 7.2ExploitedPoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33553 [HIGH] CWE-78 CVE-2021-33553: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command in
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33543P1CRITICALCVSS 9.8PoC≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33543 [CRITICAL] CWE-306 CVE-2021-33543: Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote
Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service.
nvd
CVE-2020-16205P2HIGHCVSS 7.2PoCv1.12.0.25v1.12.13.2+1 more2020-08-14
CVE-2020-16205 [HIGH] CWE-78 CVE-2020-16205: Using a specially crafted URL command, a remote authenticated user can execute commands as root on t
Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5).
nvd
CVE-2018-7520P3CRITICALCVSS 9.8PoCv1.12.0.42018-03-22
CVE-2018-7520 [CRITICAL] CWE-284 CVE-2018-7520: An improper access control vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.
An improper access control vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could allow a full configuration download, including passwords.
nvd
CVE-2018-7532P2CRITICALCVSS 9.8v1.12.0.42018-03-22
CVE-2018-7532 [CRITICAL] CWE-287 CVE-2018-7532: Unauthentication vulnerabilities have been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4
Unauthentication vulnerabilities have been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution.
nvd
CVE-2018-7528P3CRITICALCVSS 9.1v1.12.0.42018-03-22
CVE-2018-7528 [CRITICAL] CWE-89 CVE-2018-7528: An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and
An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an attacker to alter stored data.
nvd
CVE-2019-10958P3HIGHCVSS 7.2≤ 1.12.0.252020-01-17
CVE-2019-10958 [HIGH] CWE-78 CVE-2019-10958: Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to network configuration to supply system commands to the server, leading to remote code execution as root.
nvd
CVE-2019-10956P3HIGHCVSS 7.2≤ 1.12.0.252020-01-17
CVE-2019-10956 [HIGH] CWE-78 CVE-2019-10956: Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root.
nvd
CVE-2021-33545P3HIGHCVSS 7.2≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33545 [HIGH] CWE-121 CVE-2021-33545: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-ba
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33546P3HIGHCVSS 7.2≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33546 [HIGH] CWE-121 CVE-2021-33546: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-ba
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2021-33547P3HIGHCVSS 7.2≤ 1.12.0.27v1.12.13.2+1 more2021-09-13
CVE-2021-33547 [HIGH] CWE-121 CVE-2021-33547: Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-ba
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2018-7516P3HIGHCVSS 7.3v1.12.0.42018-03-22
CVE-2018-7516 [HIGH] CWE-918 CVE-2018-7516: A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version
A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans.
nvd
CVE-2018-7524P3HIGHCVSS 8.8v1.12.0.42018-03-22
CVE-2018-7524 [HIGH] CWE-352 CVE-2018-7524: A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version
A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an unauthorized user to be added to the system.
nvd
1 / 2Next →