Vulnerability Details CVE-2013-2568
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.575
EPSS Ranking 98.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://www.securityfocus.com/bid/60190
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84569
- https://packetstormsecurity.com/files/cve/CVE-2013-2568/page1/
- https://vulmon.com/vulnerabilitydetails?qid=CVE-2013-2568
- https://www.coresecurity.com/advisories/zavio-ip-cameras-multiple-vulnerabilities
- http://www.securityfocus.com/bid/60190
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84569
- https://packetstormsecurity.com/files/cve/CVE-2013-2568/page1/
- https://vulmon.com/vulnerabilitydetails?qid=CVE-2013-2568
- https://www.coresecurity.com/advisories/zavio-ip-cameras-multiple-vulnerabilities
Products affected by CVE-2013-2568
-
cpe:2.3:h:zavio:f3105:-
-
cpe:2.3:h:zavio:f312a:-
-
cpe:2.3:o:zavio:f3105_firmware:-
-
cpe:2.3:o:zavio:f3105_firmware:1.6.03
-
cpe:2.3:o:zavio:f312a_firmware:-
-
cpe:2.3:o:zavio:f312a_firmware:1.6.03