Lucene search
MitreVULNRICHMENT:CVE-2018-17558HistoryOct 26, 2023 - 12:00 a.m.
CVE-2018-17558
2023-10-2600:00:00
mitre
github.com
3
cve-2018-17558; abus; tvip cameras; hardcoded credentials; command injection; remote code execution
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, and TVIP51550 MG.1.6.03 cameras allow remote attackers to execute code as root.
ADP Affected
[
{
"cpes": [
"cpe:2.3:o:abus:tvip_10000_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10001_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10005a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10005b_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10005_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10055a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10055b_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11000_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11501_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11502_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11552_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_20000_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_20050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_20500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_20550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21000_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21501_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21502_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21552_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_22500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31000_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31001_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31501_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_32500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_51500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_51550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_71500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_71501_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_71550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_71551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_72500_firmware:-:*:*:*:*:*:*:*"
],
"vendor": "abus",
"product": "tvip_72500_firmware",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "*",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
cvelist
cvelist
CVE-2018-17558
2023-10-26 00:00:00
prion
prion
Hardcoded credentials
2023-10-26 22:15:00
cve
cve
CVE-2018-17558
2023-10-26 22:15:08
nvd
nvd
CVE-2018-17558
2023-10-26 22:15:08
AI Score
8
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2018-17558