fkie_cve-2019-10956
Vulnerability from fkie_nvd
Published
2020-01-17 18:15
Modified
2024-11-21 04:20
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root.
References
ics-cert@hq.dhs.govhttps://www.us-cert.gov/ics/advisories/ICSA-19-155-03Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://www.us-cert.gov/ics/advisories/ICSA-19-155-03Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
geutebrueck g-code_eec-2400_firmware *
geutebrueck g-code_eec-2400 -
geutebrueck g-cam_ebc-2110_firmware *
geutebrueck g-cam_ebc-2110 -
geutebrueck g-cam_ebc-2111_firmware *
geutebrueck g-cam_ebc-2111 -
geutebrueck g-cam_efd-2240_firmware *
geutebrueck g-cam_efd-2240 -
geutebrueck g-cam_efd-2241_firmware *
geutebrueck g-cam_efd-2241 -
geutebrueck g-cam_efd-2250_firmware *
geutebrueck g-cam_efd-2250 -
geutebrueck g-cam_ethc-2230_firmware *
geutebrueck g-cam_ethc-2230 -
geutebrueck g-cam_ethc-2240_firmware *
geutebrueck g-cam_ethc-2240 -
geutebrueck g-cam_ethc-2239_firmware *
geutebrueck g-cam_ethc-2239 -
geutebrueck g-cam_ethc-2249_firmware *
geutebrueck g-cam_ethc-2249 -
geutebrueck g-cam_ewpc-2270_firmware *
geutebrueck g-cam_ewpc-2270 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CF8C5A5-0F3A-467A-AFD2-E60ADA62CCBF",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-code_eec-2400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32316BD-4862-47BC-9CDF-8461B0867284",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8EB2851-9D8A-487C-9B71-5BF9EB5048A7",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-cam_ebc-2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8752CB59-2B2F-49DA-9307-8B4BDB081494",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "775DBC94-B21B-40D1-8E5F-6FCC422CBFD4",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-cam_ebc-2111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA6A053D-DD65-4FC3-A053-FE3FB3E640F5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD3D4CF-129F-4AAA-9FC3-35C3DFB5ED17",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B75A2AE-8029-4BF1-8B13-5698738ADD8D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B9BEC3-0176-4985-BE0A-54287072E21B",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2241:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFAA8B7F-8CFF-4BE9-9301-0D60FF3370DA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00C44320-C897-4D9A-AE77-6DAE7180AF07",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A628256-3DB6-4316-BF48-16C7147702F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2947E7D8-912F-48BB-B0CA-4223A76B8E1D",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2230:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A04410F-F5DD-4C0A-ADC5-F531418BC6A2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A2E4987-7C8C-441E-ADAA-F2E9642DABA6",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57913EDA-9EA4-449E-ADE0-B785073AA92C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3052946A-3500-4824-A032-9E7E2861959A",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2239:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24B4318D-1EF6-4697-B613-601B099D0A29",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94563FF-BF68-43F4-873A-DC6FCCC08EE2",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2249:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAF52FD5-3CD6-4463-9B89-546AF6FFEF03",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "922E63BC-4703-4120-8AC4-5ED1EECC085E",
              "versionEndIncluding": "1.12.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2270:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B1CC8C3-EC7A-4BE2-AA0E-38DA0783FC68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root."
    },
    {
      "lang": "es",
      "value": "Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): todas las versiones 1.12.0.25 y anteriores, pueden permitir un usuario autenticado remoto, utilizando un comando URL dise\u00f1ado, ejecutar comandos como root."
    }
  ],
  "id": "CVE-2019-10956",
  "lastModified": "2024-11-21T04:20:13.833",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-17T18:15:12.040",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-155-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-155-03"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.