Overview
- Description
- This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie('[COOKIE]') . The value is transferred to the --header option in wget binary, and there is no validation check. This vulnerability allows remote attackers to execute remote command.
- Source
- vuln@krcert.or.kr
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iptime:c200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "51EFFE28-E23D-4FB7-9BF2-179DD051B0A7"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iptime:c200_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67D5AC5F-54DC-4806-9D9D-7A11A8296919",
"versionEndIncluding": "1.0.16"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]