CVE-2015-2280 - OpenCVE

snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Airlink101	Skyipcam1620w Wireless N Mpeg4 3gpp Firmware Skyipcam1620w Wireless N Mpeg4 3gpp

Configuration 1 [-]

AND

cpe:2.3:o:airlink101:skyipcam1620w_wireless_n_mpeg4_3gpp_firmware:1.1.0-12_20120709:*:*:*:*:*:*:*

cpe:2.3:h:airlink101:skyipcam1620w_wireless_n_mpeg4_3gpp:-:*:*:*:*:*:*:*

References

Link	Resource
http://packetstormsecurity.com/files/132609/AirLink101-SkyIPCam1620W-OS-Command-Injection.html	Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2015/Jul/40	Exploit Mailing List Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/535963/100/0/threaded
http://www.securityfocus.com/bid/75597	Third Party Advisory VDB Entry
https://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection	Exploit Technical Description Third Party Advisory
https://www.exploit-db.com/exploits/37527/	Exploit Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-07-24T15:00:00

Updated: 2018-10-09T18:57:01

Reserved: 2015-03-10T00:00:00

Link: CVE-2015-2280

JSON object: View

NVD Information

Status : Modified

Published: 2017-07-25T01:29:00.467

Modified: 2018-10-09T19:56:12.937

Link: CVE-2015-2280

JSON object: View

Redhat Information

No data.

CWE

CWE-78

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-07-08T00:00:00", "descriptions": [{"lang": "en", "value": "snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection"}, {"name": "20150708 [CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/535963/100/0/threaded"}, {"name": "20150708 [CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2015/Jul/40"}, {"name": "37527", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/37527/"}, {"name": "75597", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/75597"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/132609/AirLink101-SkyIPCam1620W-OS-Command-Injection.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-2280", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection", "refsource": "MISC", "url": "https://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection"}, {"name": "20150708 [CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/535963/100/0/threaded"}, {"name": "20150708 [CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Jul/40"}, {"name": "37527", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/37527/"}, {"name": "75597", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75597"}, {"name": "http://packetstormsecurity.com/files/132609/AirLink101-SkyIPCam1620W-OS-Command-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/132609/AirLink101-SkyIPCam1620W-OS-Command-Injection.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-2280", "datePublished": "2017-07-24T15:00:00", "dateReserved": "2015-03-10T00:00:00", "dateUpdated": "2018-10-09T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:airlink101:skyipcam1620w_wireless_n_mpeg4_3gpp_firmware:1.1.0-12_20120709:*:*:*:*:*:*:*", "matchCriteriaId": "7159CD82-2775-4991-8B19-463EBA2D8B12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:airlink101:skyipcam1620w_wireless_n_mpeg4_3gpp:-:*:*:*:*:*:*:*", "matchCriteriaId": "211C19A4-58B8-4F06-B4FB-FD596A6DF902", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter."}, {"lang": "es", "value": "El archivo snwrite.cgi en la c\u00e1mara de red SkyIPCam1620W Wireless N MPEG4 3GPP con firmware versi\u00f3n FW_AIC1620W_1.1.0-12_20120709_r1192.pck de AirLink101, permite a los usuarios autenticados remotamente ejecutar comandos de sistema operativo arbitrarios por medio de metacaracteres shell en el par\u00e1metro mac."}], "id": "CVE-2015-2280", "lastModified": "2018-10-09T19:56:12.937", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-25T01:29:00.467", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/132609/AirLink101-SkyIPCam1620W-OS-Command-Injection.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory", "VDB Entry"], "url": "http://seclists.org/fulldisclosure/2015/Jul/40"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/535963/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/75597"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/37527/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}