Efd-2250 Firmware and Topfd-2125 Firmware

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

geutebrueck

critical

exploit available

NVD

Published: 2018-03-22

Updated: 2020-10-02

Summary

An improper access control vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could allow a full configuration download, including passwords.

Vulnerable Configurations

Part	Description	Count
OS	Geutebrueck Geutebrueck G Cam/Efd 2250 Firmware 1.12.0.4 Geutebrueck Topfd 2125 Firmware 3.15.1	2
Hardware	Geutebrueck Geutebrueck G Cam/Efd 2250 - Geutebrueck Topfd 2125 -	2

Exploit-Db

description	Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution (Metasploit). Webapps exploit for Hardware platform
id	EDB-ID:44957
last seen	2018-07-02
modified	2018-07-02
published	2018-07-02
reporter	Exploit-DB
source	https://www.exploit-db.com/download/44957/
title	Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution (Metasploit)

Packetstorm

data source	https://packetstormsecurity.com/files/download/148380/geutebruck5-exec.rb.txt
id	PACKETSTORM:148380
last seen	2018-07-03
published	2018-07-02
reporter	Davy Douhine
source	https://packetstormsecurity.com/files/148380/Geutebruck-simple_loglistjs.cgi-Remote-Command-Execution.html
title	Geutebruck simple_loglistjs.cgi Remote Command Execution

Summary

Vulnerable Configurations

Exploit-Db

Packetstorm

References