Vulnerability Details CVE-2013-1598
A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.322
EPSS Ranking 96.6%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
- http://www.securityfocus.com/bid/59575
- https://exchange.xforce.ibmcloud.com/vulnerabilities/83946
- https://github.com/offensive-security/exploitdb/blob/master/exploits/hardware/webapps/25139.txt
- https://packetstormsecurity.com/files/cve/CVE-2013-1598
- https://www.coresecurity.com/advisories/vivotek-ip-cameras-multiple-vulnerabilities
- http://www.securityfocus.com/bid/59575
- https://exchange.xforce.ibmcloud.com/vulnerabilities/83946
- https://github.com/offensive-security/exploitdb/blob/master/exploits/hardware/webapps/25139.txt
- https://packetstormsecurity.com/files/cve/CVE-2013-1598
- https://www.coresecurity.com/advisories/vivotek-ip-cameras-multiple-vulnerabilities
Products affected by CVE-2013-1598
-
cpe:2.3:h:vivotek:pt7135:-
-
cpe:2.3:o:vivotek:pt7135_firmware:0300a
-
cpe:2.3:o:vivotek:pt7135_firmware:0400a