Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082.1. The camera reads firmware update configuration from SD card file vc\version.json. fw-sign parameter and from this configuration is directly inserted into a bash command. Firmware update is run automatically if there is special file on the inserted SD card.
References
Link | Resource |
---|---|
https://dil4rd.medium.com/groundhog-day-in-iot-valley-or-5-cves-in-1-camera-7dc1d2864707 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
02 Feb 2021, 18:53
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:company:cs-c2shw_firmware:5.0.082.1:*:*:*:*:*:*:* cpe:2.3:h:company:cs-c2shw:-:*:*:*:*:*:*:* |
|
CWE | CWE-347 | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
References | (MISC) https://dil4rd.medium.com/groundhog-day-in-iot-valley-or-5-cves-in-1-camera-7dc1d2864707 - Exploit, Third Party Advisory |
26 Jan 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-01-26 18:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-27540
Mitre link : CVE-2020-27540
CVE.ORG link : CVE-2020-27540
JSON object : View
Products Affected
company
- cs-c2shw
- cs-c2shw_firmware
CWE
CWE-347
Improper Verification of Cryptographic Signature