Vulnerability feed

Vulnerability

CVE-2017-17105

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2017-17105
Description:: Zivif PR115-204-P-RS V2.3.4.2103 and V4.7.4.2121 (and possibly in-between versions) web cameras are vulnerable to unauthenticated, blind remote command injection via CGI scripts used as part of the web interface, as demonstrated by a cgi-bin/iptest.cgi?cmd=iptest.cgi&-time="1504225666237"&-url=$(reboot) request.
Last updated date:: 06/16/2020

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 12/21/2022
Reference url to background: https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/16/2020
Reference url to background: http://packetstormsecurity.com/files/145386/Zivif-PR115-204-P-RS-2.3.4.2103-Bypass-Command-Injection-Hardcoded-Password.html

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/16/2020
Reference url to background: http://seclists.org/fulldisclosure/2017/Dec/42

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |