Arbitrary Command Execution Vulnerability in TP-Link IP Cameras

Arbitrary Command Execution Vulnerability in TP-Link IP Cameras

CVE-2013-2578 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the ServerName parameter and (2) other unspecified parameters.

Learn more about our Cis Benchmark Audit For Server Software.