Vulnerability Details CVE-2013-2573
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.224
EPSS Ranking 95.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://www.securityfocus.com/bid/60195
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84574
- https://packetstormsecurity.com/files/cve/CVE-2013-2573
- https://vuldb.com/?id.8912
- https://www.coresecurity.com/advisories/tp-link-IP-cameras-multiple-vulnerabilities
- http://www.securityfocus.com/bid/60195
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84574
- https://packetstormsecurity.com/files/cve/CVE-2013-2573
- https://vuldb.com/?id.8912
- https://www.coresecurity.com/advisories/tp-link-IP-cameras-multiple-vulnerabilities
Products affected by CVE-2013-2573
-
cpe:2.3:h:tp-link:tl-sc_3130g:-
-
cpe:2.3:h:tp-link:tl-sc_3171g:-
-
cpe:2.3:h:tp-link:tl-sc_4171g:-
-
cpe:2.3:o:tp-link:tl-sc_3130g_firmware:-
-
cpe:2.3:o:tp-link:tl-sc_3130g_firmware:1.6.18p12
-
cpe:2.3:o:tp-link:tl-sc_3171g_firmware:-
-
cpe:2.3:o:tp-link:tl-sc_3171g_firmware:1.6.18p12
-
cpe:2.3:o:tp-link:tl-sc_4171g_firmware:-
-
cpe:2.3:o:tp-link:tl-sc_4171g_firmware:1.6.18p12