The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE) through command injection via the HTTP API. NOTE: This may be a duplicate of CVE-2020-10176
References
Link | Resource |
---|---|
https://firedome.io/blog/firedome-discloses-0-day-vulnerabilities-in-yale-ip-cameras/ | Third Party Advisory |
https://lp.firedome.io/hubfs/Yale%20WIPC-301W%20RCE%20Vulnerability%20Report%205-6.pdf | Exploit Third Party Advisory |
https://whiterosezex.blogspot.com/2021/01/cve-2020-23826-rce-vulnerability-in.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-22T19:06:44
Updated: 2021-02-01T19:43:22
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-23826
JSON object: View
NVD Information
Status : Modified
Published: 2021-01-26T18:15:42.863
Modified: 2024-05-17T01:45:37.963
Link: CVE-2020-23826
JSON object: View
Redhat Information
No data.
CWE