Geutebrück Mitigates IP Camera Holes

Tuesday, March 20, 2018 @ 04:03 PM gHale

Geutebrück updated its firmware to mitigate multiple vulnerabilities in its IP cameras, according to a report with ICS-CERT.

The remotely exploitable vulnerabilities are an improper authentication, SQL injection, cross-site request forgery, improper access control, server-side request forgery and cross-site scripting.

RELATED STORIES
Siemens Clears Improper Validation Issue
OSIsoft Mitigates PI Data Archive Hole
OSIsoft Fixes PI Vision Issues
OSIsoft Updates PI Web API Holes

The vulnerabilities, discovered by Davy Douhine of RandoriSec and Nicolas Mattiocco of Greenlock, affect the following IP cameras:
• G-Cam/EFD-2250 (part n° 5.02024) firmware version 1.12.0.4
• Topline TopFD-2125 (part n° 5.02820)  firmware version 3.15.1

Successful exploitation of these vulnerabilities could lead to proxy network scans, access to a database, adding an unauthorized user to the system, full configuration download including passwords, and remote code execution.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill level could leverage the vulnerabilities.

In one vulnerability, unauthentication vulnerabilities have been identified, which may allow remote code execution.

CVE-2018-7532 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

In addition, a SQL injection vulnerability has been identified, which may allow an attacker to alter stored data.

CVE-2018-7528 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.1

Also, a cross-site request forgery vulnerability has been identified, which may allow an unauthorized user to be added to the system.

CVE-2018-7524 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.8.

In addition, an improper access control vulnerability has been identified, which could allow a full configuration download, including passwords.

CVE-2018-7520 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

Also, a server-side request forgery vulnerability has been identified, which could lead to proxied network scans.

CVE-2018-7516 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.3.

In addition, a cross-site scripting vulnerability has been identified, which may allow remote code execution.

CVE-2018-7512 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.8.

The product sees use in the commercial facilities, energy, healthcare, financial services and public health sectors.

The products see use mainly in Europe, United States and Australia.

Windhagen, Germany-based Geutebrück recommends G-Cam/EFD-2250 users download and update to the newest firmware version, 1.12.0.19, by registering for a new WebClub account, or by logging into an existing account.

Topline users can visit the previous link for workaround advice and contact information regarding the vulnerabilities associated with the device.



Leave a Reply

You must be logged in to post a comment.