Remote Code Execution Vulnerability in ABUS TVIP Cameras

Remote Code Execution Vulnerability in ABUS TVIP Cameras

CVE-2018-17879 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts.

Learn more about our Web Application Penetration Testing UK.