Arbitrary OS Command Execution and Information Leakage in I-O DATA Network Cameras
CVE-2018-0661 · HIGH Severity
AV:A/AC:L/AU:N/C:C/I:C/A:C
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.
Learn more about our Network Penetration Testing.