ICS Geutebruck IP Camera testaction.cgi Command Injection -1.b (CVE-2017-5173)

Rule ID

1232727

Severity

Critical

Description

An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call multiple parameters that can allow access to the root level operating system which could allow remote code execution.

Impact

Remote command execution

Recommendation

Update vendor's patch.

IPS Category

ICS threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2017-5173

CVE-2017-5174

EDB-41360

ICSA-17-045-02

T1059

T0853

Keywords

N/A

Date Created

2023/05/12

Last Updated

2024/02/27

This website uses cookies to ensure you get the best experience on our website.