CVE-2018-17879

2023-10-2600:00:00

mitre

www.cve.org

abus

tvip camera

vulnerability

remote code execution

cgi scripts

system injection

AI Score

9.8

Confidence

High

EPSS

0.003

Percentile

65.9%

JSON

An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts.

References

sec.maride.cc/posts/abus/#cve-2018-17879

www.ccc.de/en/updates/2019/update-nicht-verfugbar-hersteller-nicht-zu-erreichen