Vulnerabilities > CVE-2017-5174 - Remote Code Execution vulnerability in Geutebruck IP Camera G-Cam Efd-2250 Firmware 1.11.0.12
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| Hardware | 1 |
Exploit-Db
| description | Geutebruck 5.02024 G-Cam/EFD-2250 - Remote Command Execution (Metasploit). CVE-2017-5173,CVE-2017-5174. Webapps exploit for Hardware platform |
| file | exploits/hardware/webapps/41360.rb |
| id | EDB-ID:41360 |
| last seen | 2017-02-15 |
| modified | 2017-02-15 |
| platform | hardware |
| port | |
| published | 2017-02-15 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/41360/ |
| title | Geutebruck 5.02024 G-Cam/EFD-2250 - Remote Command Execution (Metasploit) |
| type | webapps |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/141142/geutebruck-exec.rb.txt |
| id | PACKETSTORM:141142 |
| last seen | 2017-02-18 |
| published | 2017-02-17 |
| reporter | Davy Douhine |
| source | https://packetstormsecurity.com/files/141142/Geutebruck-testaction.cgi-Remote-Command-Execution.html |
| title | Geutebruck testaction.cgi Remote Command Execution |