{"containers": {"cna": {"affected": [{"product": "E2 Series", "vendor": "Geutebr\u00fcck", "versions": [{"status": "affected", "version": "EBC-21xx 1.12.13.2 "}, {"status": "affected", "version": "EBC-21xx 1.12.14.5"}, {"status": "affected", "version": "EFD-22xx 1.12.13.2 "}, {"status": "affected", "version": "EFD-22xx 1.12.14.5"}, {"status": "affected", "version": "ETHC-22xx 1.12.13.2 "}, {"status": "affected", "version": "ETHC-22xx 1.12.14.5"}, {"status": "affected", "version": "EWPC-22xx 1.12.13.2 "}, {"status": "affected", "version": "EWPC-22xx 1.12.14.5"}, {"lessThanOrEqual": "1.12.0.27", "status": "affected", "version": "EBC-21xx", "versionType": "custom"}, {"lessThanOrEqual": "1.12.0.27", "status": "affected", "version": "EFD-22xx", "versionType": "custom"}, {"lessThanOrEqual": "1.12.0.27", "status": "affected", "version": "ETHC-22xx", "versionType": "custom"}, {"lessThanOrEqual": "1.12.0.27", "status": "affected", "version": "EWPC-22xx", "versionType": "custom"}]}, {"product": "Encoder G-Code", "vendor": "Geutebr\u00fcck", "versions": [{"status": "affected", "version": "EEC-2xx 1.12.13.2 "}, {"status": "affected", "version": "EEC-2xx 1.12.14.5"}, {"status": "affected", "version": "EEN-20xx 1.12.13.2 "}, {"status": "affected", "version": "EEN-20xx 1.12.14.5"}, {"lessThanOrEqual": "1.12.0.27", "status": "affected", "version": "EEC-2xx", "versionType": "custom"}, {"lessThanOrEqual": "1.12.0.27", "status": "affected", "version": "EEN-20xx", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Titouan Lazard and Ibrahim Ayadhi from RandoriSec reported these vulnerabilities."}], "datePublic": "2021-08-31T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple camera devices by UDP Technology, Geutebr\u00fcck and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-17T21:06:48", "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/164191/Geutebruck-instantrec-Remote-Command-Execution.html"}], "source": {"discovery": "EXTERNAL"}, "title": "UDP Technology/Geutebr\u00fcck camera devices: Buffer overflow in action parameter leading to RCE", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "info@cert.vde.com", "DATE_PUBLIC": "2021-08-31T22:00:01.000Z", "ID": "CVE-2021-33549", "STATE": "PUBLIC", "TITLE": "UDP Technology/Geutebr\u00fcck camera devices: Buffer overflow in action parameter leading to RCE"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "E2 Series", "version": {"version_data": [{"version_affected": "<=", "version_name": "EBC-21xx", "version_value": "1.12.0.27"}, {"version_affected": "=", "version_name": "EBC-21xx", "version_value": "1.12.13.2 "}, {"version_affected": "=", "version_name": "EBC-21xx", "version_value": "1.12.14.5"}, {"version_affected": "<=", "version_name": "EFD-22xx", "version_value": "1.12.0.27"}, {"version_affected": "=", "version_name": "EFD-22xx", "version_value": "1.12.13.2 "}, {"version_affected": "=", "version_name": "EFD-22xx", "version_value": "1.12.14.5"}, {"version_affected": "<=", "version_name": "ETHC-22xx", "version_value": "1.12.0.27"}, {"version_affected": "=", "version_name": "ETHC-22xx", "version_value": "1.12.13.2 "}, {"version_affected": "=", "version_name": "ETHC-22xx", "version_value": "1.12.14.5"}, {"version_affected": "<=", "version_name": "EWPC-22xx", "version_value": "1.12.0.27"}, {"version_affected": "=", "version_name": "EWPC-22xx", "version_value": "1.12.13.2 "}, {"version_affected": "=", "version_name": "EWPC-22xx", "version_value": "1.12.14.5"}]}}, {"product_name": "Encoder G-Code", "version": {"version_data": [{"version_affected": "<=", "version_name": "EEC-2xx", "version_value": "1.12.0.27"}, {"version_affected": "=", "version_name": "EEC-2xx", "version_value": "1.12.13.2 "}, {"version_affected": "=", "version_name": "EEC-2xx", "version_value": "1.12.14.5"}, {"version_affected": "<=", "version_name": "EEN-20xx", "version_value": "1.12.0.27"}, {"version_affected": "=", "version_name": "EEN-20xx", "version_value": "1.12.13.2 "}, {"version_affected": "=", "version_name": "EEN-20xx", "version_value": "1.12.14.5"}]}}]}, "vendor_name": "Geutebr\u00fcck"}]}}, "credit": [{"lang": "eng", "value": "Titouan Lazard and Ibrahim Ayadhi from RandoriSec reported these vulnerabilities."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple camera devices by UDP Technology, Geutebr\u00fcck and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-121 Stack-based Buffer Overflow"}]}]}, "references": {"reference_data": [{"name": "https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/", "refsource": "CONFIRM", "url": "https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/"}, {"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03", "refsource": "CONFIRM", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03"}, {"name": "http://packetstormsecurity.com/files/164191/Geutebruck-instantrec-Remote-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/164191/Geutebruck-instantrec-Remote-Command-Execution.html"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2021-33549", "datePublished": "2021-08-31T00:00:00", "dateReserved": "2021-05-24T00:00:00", "dateUpdated": "2021-09-17T21:06:48", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D112B35C-B264-40A0-83D1-E55B9036913A", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "22660A4B-ABFC-466D-9E0C-2EF4BD7A98F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "1E6939CF-1255-4E41-9199-B20471BDE977", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ebc-2110:*:*:*:*:*:*:*:*", "matchCriteriaId": "181CBC12-DCC7-49AB-A9EC-8581D14333D6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CFC70BCD-CBC1-4556-93C2-BAA4A5E0AE3D", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "8FB8A43B-E79D-4AC2-83ED-C29AAEA35E89", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "EC4847BD-E880-42DD-8A93-64042F286DFC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ebc-2111:*:*:*:*:*:*:*:*", "matchCriteriaId": "F93DB9C2-07FA-4EE6-B079-0189E73C4033", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "11754F1F-D3C6-490D-BA6E-AB5B17460F1E", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "E75EFC79-4453-4D6F-81A7-F0954EBCBA63", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "AED71348-C669-44DD-8670-9361D77F4995", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2241:*:*:*:*:*:*:*:*", "matchCriteriaId": "571918FA-7A65-4DED-83BD-4EBB73417430", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5230A0E-1D52-4C82-AB2A-FD4C5714AA6E", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B2BC819-B425-41D2-BEDE-943B5D4781B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "966334C5-628B-444F-8992-2DB8857BE797", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2250:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0D67535-75F6-4467-9834-FBEFE5E9CB4B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "498E6BC9-3B2C-4F7C-9A76-7DDA3CE55E62", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1438441-4FDD-4C13-A230-EFE53DF8BBBB", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "4E5DEF62-A9EA-46A8-8BE2-603356F50493", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2230:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B1A2A83-64B9-44D5-9BCC-0DB4ED628F7B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "985CAD50-895C-4DFB-A41F-77A44C44D8B5", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "DCF30D97-6FC0-4D80-B8A4-B24078FDBA4C", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "843E4BCD-598B-457E-BB4F-17F29052C27B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2239:*:*:*:*:*:*:*:*", "matchCriteriaId": "35C88F5F-1340-41B6-85E0-84954A3E2C0F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB0BB4B5-FFB9-40C2-B1E5-D1ECBFA550F3", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "0374A073-CAC4-4137-94DE-50035DC52DB6", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "6AFF5C0B-9493-4B7C-983F-EC3418B52DB8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2240:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACDA66D2-4E05-48F3-A710-30FB1BFBB22E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "886C810D-2D03-45C1-BBFB-1A290374EE92", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "D7851EE3-21FB-4447-A5B7-DFAFC335845B", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "FB0CDFBB-DA48-4E41-BDA2-01179AF04EA2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ethc-2249:*:*:*:*:*:*:*:*", "matchCriteriaId": "5EB8C61F-AA77-4D33-9BCB-D1F01020E47C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C67E1A48-7907-448A-9E29-6964BEA54AA6", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "16E2C1A4-E048-4DB8-8FB2-B020AD1F37F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "0FA3BBD7-77C8-4E78-81EC-EF0B3123F75D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2270:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7E4E8B5-D432-471D-A612-86AA7B83E49D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2AFB104-E3B2-4CBF-93A7-13DD14A509DD", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "B1DDDFD1-0428-4909-8079-D696D45ECED8", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "894AB862-E9E5-4E7B-A3FC-945C315911A6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-code_eec-2400:*:*:*:*:*:*:*:*", "matchCriteriaId": "729D81B8-66E8-44D9-B794-ED4A8E869E10", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3808D6AA-3D02-44F1-8914-018BB17B2429", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "DC42C86C-8DAC-469C-9A6C-41F1D6E48891", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "70924709-F815-4E43-9FCC-BAFFF7154DAF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-code_een-2010:*:*:*:*:*:*:*:*", "matchCriteriaId": "E71CBF86-3629-4F90-837F-DB9907AE2058", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6ADD66ED-4A4C-4B95-95CA-A116AAB52C5E", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "A527F7AB-0434-4BC4-95EF-E1F18BDAC2B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "E23967D9-54C1-40C8-AB9F-61BAF2EAF9E3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-code_een-2040:*:*:*:*:*:*:*:*", "matchCriteriaId": "4FB10D7B-5FA5-486E-AE01-D96B901036A4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6F25262-F719-4B70-8782-F23FB546A140", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF81F56A-6D0A-4294-937F-C4F82259F538", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "2395E255-6FA5-4C74-938B-F94A20B02943", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ebc-2112:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A7FEC97-E87B-47A8-A171-0CF22EAD54D8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D534DDA-8AD5-4FCC-BBA3-499F20230506", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "670D86CA-F192-49C0-B7BA-580A94A5DF59", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "4A5D0DDC-5C4C-4948-ADF9-0A2D40D7E8FF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_efd-2251:*:*:*:*:*:*:*:*", "matchCriteriaId": "424F7E3B-565A-4E9B-942E-C241A08FAF33", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0BCBCFE-CAFF-4C12-99BB-39A6A0B86A7A", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "41D9C92C-BDAB-4062-A9EF-A1CF4BA19F0C", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "FE138FC3-80A6-45F1-8AD2-EA5842351B67", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2275:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F2AC61F-6C50-4B2F-A260-4FB128BFC956", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC9252C6-B2F6-4476-8294-98695218D26B", "versionEndIncluding": "1.12.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "2C5A8920-DC4C-4E7A-8A09-95987B81C1B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "4328D71C-125E-414D-BFE9-F83C5B5AB646", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:geutebrueck:g-cam_ewpc-2271:*:*:*:*:*:*:*:*", "matchCriteriaId": "62EB57D9-0F72-40CD-A776-68121B19D06B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Multiple camera devices by UDP Technology, Geutebr\u00fcck and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code."}, {"lang": "es", "value": "M\u00faltiples dispositivos de c\u00e1mara de UDP Technology, Geutebr\u00fcck y otros proveedores son vulnerables a una condici\u00f3n de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el par\u00e1metro action, que puede permitir a un atacante ejecutar c\u00f3digo arbitrario remotamente"}], "id": "CVE-2021-33549", "lastModified": "2021-09-27T14:30:08.640", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "info@cert.vde.com", "type": "Secondary"}]}, "published": "2021-09-13T18:15:22.773", "references": [{"source": "info@cert.vde.com", "tags": ["Exploit", "Third Party Advisory"], "url": "http://packetstormsecurity.com/files/164191/Geutebruck-instantrec-Remote-Command-Execution.html"}, {"source": "info@cert.vde.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03"}, {"source": "info@cert.vde.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "info@cert.vde.com", "type": "Primary"}]}

{}