CVE-2019-10957

Published Jan 17, 2020

Last updated 2 years ago

CVSS medium 4.8

Overview

Description: Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in code execution within the user’s browser.
Source: ics-cert@hq.dhs.gov
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.8
Impact score: 2.7
Exploitability score: 1.7
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79
ics-cert@hq.dhs.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-code_eec-2400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C32316BD-4862-47BC-9CDF-8461B0867284"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CF8C5A5-0F3A-467A-AFD2-E60ADA62CCBF",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-cam_ebc-2110:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8752CB59-2B2F-49DA-9307-8B4BDB081494"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8EB2851-9D8A-487C-9B71-5BF9EB5048A7",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-cam_ebc-2111:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA6A053D-DD65-4FC3-A053-FE3FB3E640F5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "775DBC94-B21B-40D1-8E5F-6FCC422CBFD4",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2240:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2B75A2AE-8029-4BF1-8B13-5698738ADD8D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FD3D4CF-129F-4AAA-9FC3-35C3DFB5ED17",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2241:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FFAA8B7F-8CFF-4BE9-9301-0D60FF3370DA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32B9BEC3-0176-4985-BE0A-54287072E21B",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2250:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5A628256-3DB6-4316-BF48-16C7147702F7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00C44320-C897-4D9A-AE77-6DAE7180AF07",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2230:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7A04410F-F5DD-4C0A-ADC5-F531418BC6A2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2947E7D8-912F-48BB-B0CA-4223A76B8E1D",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2240:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57913EDA-9EA4-449E-ADE0-B785073AA92C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A2E4987-7C8C-441E-ADAA-F2E9642DABA6",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3052946A-3500-4824-A032-9E7E2861959A",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2239:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "24B4318D-1EF6-4697-B613-601B099D0A29"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F94563FF-BF68-43F4-873A-DC6FCCC08EE2",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2249:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AAF52FD5-3CD6-4463-9B89-546AF6FFEF03"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "922E63BC-4703-4120-8AC4-5ED1EECC085E",
            "versionEndIncluding": "1.12.0.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2270:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6B1CC8C3-EC7A-4BE2-AA0E-38DA0783FC68"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References