[0day] Anonymous RCE on Geutebruck IP Cameras - again

Davy Douhine 20 Mars 2018 0day

Abstract A few months ago during a pentest, with Nicolas Mattiocco of Greenlock, we came across high-end IP cameras made by Geutebruck, a “leading German manufacturer and developer of high-quality, intelligent video security solutions” and found 3 RCE: a blind SQL Injection, a SSRF, a CSRF and a stored XSS affecting version 1.12.0.4 and prior versions. We’ve choose to “responsible disclose” these 0day vulnerabilities, directly to Geutebruck and the ICS-CERT (Industrial Control Systems Cyber Emergency Response Team).

[0day] Anonymous RCE on Geutebruck IP Cameras

Davy Douhine 15 Février 2017 0day

Abstract Last summer during a pentest for a client we came across high-end IP cameras made by Geutebruck, a “leading German manufacturer and developer of high-quality, intelligent video security solutions” (source: [http://www.sourcesecurity.com/companies/enhanced-company-listing/geutebruck-gmbh.html] (http://www.sourcesecurity.com/companies/enhanced-company-listing/geutebruck-gmbh.html)) and found a trivial remote command execution vulnerability (0day) affecting version 1.11.0.12 and prior versions. We’ve choose to “responsible disclose” it, directly to Geutebruck and the ICS-CERT (Industrial Control Systems Cyber Emergency Response Team). Probably the best option as the Mirai botnet was actively exploiting IP cams at that time.

Catégories

Tags