CVE-2021-33549

{"id": "CVE-2021-33549", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}, {"type": "Secondary", "source": "info@cert.vde.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2021-09-13T18:15:22.773", "references": [{"url": "http://packetstormsecurity.com/files/164191/Geutebruck-instantrec-Remote-Command-Execution.html", "tags": ["Exploit", "Third Party Advisory"], "source": "info@cert.vde.com"}, {"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03", "tags": ["Third Party Advisory", "US Government Resource"], "source": "info@cert.vde.com"}, {"url": "https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/", "tags": ["Exploit", "Third Party Advisory"], "source": "info@cert.vde.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "info@cert.vde.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "Multiple camera devices by UDP Technology, Geutebr\u00fcck and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code."}, {"lang": "es", "value": "M\u00faltiples dispositivos de c\u00e1mara de UDP Technology, Geutebr\u00fcck y otros proveedores son vulnerables a una condici\u00f3n de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el par\u00e1metro action, que puede permitir a un atacante ejecutar c\u00f3digo arbitrario remotamente"}], "lastModified": "2021-09-27T14:30:08.640", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D112B35C-B264-40A0-83D1-E55B9036913A", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22660A4B-ABFC-466D-9E0C-2EF4BD7A98F2"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E6939CF-1255-4E41-9199-B20471BDE977"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ebc-2110:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "181CBC12-DCC7-49AB-A9EC-8581D14333D6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFC70BCD-CBC1-4556-93C2-BAA4A5E0AE3D", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FB8A43B-E79D-4AC2-83ED-C29AAEA35E89"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC4847BD-E880-42DD-8A93-64042F286DFC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ebc-2111:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F93DB9C2-07FA-4EE6-B079-0189E73C4033"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11754F1F-D3C6-490D-BA6E-AB5B17460F1E", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E75EFC79-4453-4D6F-81A7-F0954EBCBA63"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AED71348-C669-44DD-8670-9361D77F4995"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2241:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "571918FA-7A65-4DED-83BD-4EBB73417430"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5230A0E-1D52-4C82-AB2A-FD4C5714AA6E", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B2BC819-B425-41D2-BEDE-943B5D4781B1"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "966334C5-628B-444F-8992-2DB8857BE797"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2250:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C0D67535-75F6-4467-9834-FBEFE5E9CB4B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "498E6BC9-3B2C-4F7C-9A76-7DDA3CE55E62", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1438441-4FDD-4C13-A230-EFE53DF8BBBB"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E5DEF62-A9EA-46A8-8BE2-603356F50493"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2230:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B1A2A83-64B9-44D5-9BCC-0DB4ED628F7B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "985CAD50-895C-4DFB-A41F-77A44C44D8B5", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCF30D97-6FC0-4D80-B8A4-B24078FDBA4C"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "843E4BCD-598B-457E-BB4F-17F29052C27B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2239:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "35C88F5F-1340-41B6-85E0-84954A3E2C0F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB0BB4B5-FFB9-40C2-B1E5-D1ECBFA550F3", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0374A073-CAC4-4137-94DE-50035DC52DB6"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AFF5C0B-9493-4B7C-983F-EC3418B52DB8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2240:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ACDA66D2-4E05-48F3-A710-30FB1BFBB22E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "886C810D-2D03-45C1-BBFB-1A290374EE92", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7851EE3-21FB-4447-A5B7-DFAFC335845B"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB0CDFBB-DA48-4E41-BDA2-01179AF04EA2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2249:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5EB8C61F-AA77-4D33-9BCB-D1F01020E47C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C67E1A48-7907-448A-9E29-6964BEA54AA6", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16E2C1A4-E048-4DB8-8FB2-B020AD1F37F4"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FA3BBD7-77C8-4E78-81EC-EF0B3123F75D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2270:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7E4E8B5-D432-471D-A612-86AA7B83E49D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2AFB104-E3B2-4CBF-93A7-13DD14A509DD", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1DDDFD1-0428-4909-8079-D696D45ECED8"}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "894AB862-E9E5-4E7B-A3FC-945C315911A6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-code_eec-2400:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "729D81B8-66E8-44D9-B794-ED4A8E869E10"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3808D6AA-3D02-44F1-8914-018BB17B2429", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC42C86C-8DAC-469C-9A6C-41F1D6E48891"}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70924709-F815-4E43-9FCC-BAFFF7154DAF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-code_een-2010:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E71CBF86-3629-4F90-837F-DB9907AE2058"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6ADD66ED-4A4C-4B95-95CA-A116AAB52C5E", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A527F7AB-0434-4BC4-95EF-E1F18BDAC2B0"}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E23967D9-54C1-40C8-AB9F-61BAF2EAF9E3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-code_een-2040:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4FB10D7B-5FA5-486E-AE01-D96B901036A4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6F25262-F719-4B70-8782-F23FB546A140", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF81F56A-6D0A-4294-937F-C4F82259F538"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2395E255-6FA5-4C74-938B-F94A20B02943"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ebc-2112:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1A7FEC97-E87B-47A8-A171-0CF22EAD54D8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D534DDA-8AD5-4FCC-BBA3-499F20230506", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "670D86CA-F192-49C0-B7BA-580A94A5DF59"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A5D0DDC-5C4C-4948-ADF9-0A2D40D7E8FF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2251:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "424F7E3B-565A-4E9B-942E-C241A08FAF33"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0BCBCFE-CAFF-4C12-99BB-39A6A0B86A7A", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41D9C92C-BDAB-4062-A9EF-A1CF4BA19F0C"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE138FC3-80A6-45F1-8AD2-EA5842351B67"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2275:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2F2AC61F-6C50-4B2F-A260-4FB128BFC956"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC9252C6-B2F6-4476-8294-98695218D26B", "versionEndIncluding": "1.12.0.27"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C5A8920-DC4C-4E7A-8A09-95987B81C1B7"}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4328D71C-125E-414D-BFE9-F83C5B5AB646"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2271:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62EB57D9-0F72-40CD-A776-68121B19D06B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "info@cert.vde.com"}