Vulnerability Details CVE-2018-17558
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, and TVIP51550 MG.1.6.03 cameras allow remote attackers to execute code as root.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.025
EPSS Ranking 84.8%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2018-17558
-
cpe:2.3:h:abus:tvip_10000:-
-
cpe:2.3:h:abus:tvip_10001:-
-
cpe:2.3:h:abus:tvip_10005:-
-
cpe:2.3:h:abus:tvip_10005a:-
-
cpe:2.3:h:abus:tvip_10005b:-
-
cpe:2.3:h:abus:tvip_10050:-
-
cpe:2.3:h:abus:tvip_10051:-
-
cpe:2.3:h:abus:tvip_10055a:-
-
cpe:2.3:h:abus:tvip_10055b:-
-
cpe:2.3:h:abus:tvip_10500:-
-
cpe:2.3:h:abus:tvip_10550:-
-
cpe:2.3:h:abus:tvip_11000:-
-
cpe:2.3:h:abus:tvip_11050:-
-
cpe:2.3:h:abus:tvip_11500:-
-
cpe:2.3:h:abus:tvip_11501:-
-
cpe:2.3:h:abus:tvip_11502:-
-
cpe:2.3:h:abus:tvip_11550:-
-
cpe:2.3:h:abus:tvip_11551:-
-
cpe:2.3:h:abus:tvip_11552:-
-
cpe:2.3:h:abus:tvip_20000:-
-
cpe:2.3:h:abus:tvip_20050:-
-
cpe:2.3:h:abus:tvip_20500:-
-
cpe:2.3:h:abus:tvip_20550:-
-
cpe:2.3:h:abus:tvip_21000:-
-
cpe:2.3:h:abus:tvip_21050:-
-
cpe:2.3:h:abus:tvip_21500:-
-
cpe:2.3:h:abus:tvip_21501:-
-
cpe:2.3:h:abus:tvip_21502:-
-
cpe:2.3:h:abus:tvip_21550:-
-
cpe:2.3:h:abus:tvip_21551:-
-
cpe:2.3:h:abus:tvip_21552:-
-
cpe:2.3:h:abus:tvip_22500:-
-
cpe:2.3:h:abus:tvip_31000:-
-
cpe:2.3:h:abus:tvip_31001:-
-
cpe:2.3:h:abus:tvip_31050:-
-
cpe:2.3:h:abus:tvip_31500:-
-
cpe:2.3:h:abus:tvip_31501:-
-
cpe:2.3:h:abus:tvip_31550:-
-
cpe:2.3:h:abus:tvip_31551:-
-
cpe:2.3:h:abus:tvip_32500:-
-
cpe:2.3:h:abus:tvip_51500:-
-
cpe:2.3:h:abus:tvip_51550:-
-
cpe:2.3:h:abus:tvip_71500:-
-
cpe:2.3:h:abus:tvip_71501:-
-
cpe:2.3:h:abus:tvip_71550:-
-
cpe:2.3:h:abus:tvip_71551:-
-
cpe:2.3:h:abus:tvip_72500:-
-
cpe:2.3:o:abus:tvip_10000_firmware:-
-
cpe:2.3:o:abus:tvip_10001_firmware:-
-
cpe:2.3:o:abus:tvip_10005_firmware:-
-
cpe:2.3:o:abus:tvip_10005a_firmware:-
-
cpe:2.3:o:abus:tvip_10005b_firmware:-
-
cpe:2.3:o:abus:tvip_10050_firmware:-
-
cpe:2.3:o:abus:tvip_10051_firmware:-
-
cpe:2.3:o:abus:tvip_10055a_firmware:-
-
cpe:2.3:o:abus:tvip_10055b_firmware:-
-
cpe:2.3:o:abus:tvip_10500_firmware:-
-
cpe:2.3:o:abus:tvip_10550_firmware:-
-
cpe:2.3:o:abus:tvip_11000_firmware:-
-
cpe:2.3:o:abus:tvip_11050_firmware:-
-
cpe:2.3:o:abus:tvip_11500_firmware:-
-
cpe:2.3:o:abus:tvip_11501_firmware:-
-
cpe:2.3:o:abus:tvip_11502_firmware:-
-
cpe:2.3:o:abus:tvip_11550_firmware:-
-
cpe:2.3:o:abus:tvip_11551_firmware:-
-
cpe:2.3:o:abus:tvip_11552_firmware:-
-
cpe:2.3:o:abus:tvip_20000_firmware:-
-
cpe:2.3:o:abus:tvip_20050_firmware:-
-
cpe:2.3:o:abus:tvip_20500_firmware:-
-
cpe:2.3:o:abus:tvip_20550_firmware:-
-
cpe:2.3:o:abus:tvip_21000_firmware:-
-
cpe:2.3:o:abus:tvip_21050_firmware:-
-
cpe:2.3:o:abus:tvip_21500_firmware:-
-
cpe:2.3:o:abus:tvip_21501_firmware:-
-
cpe:2.3:o:abus:tvip_21502_firmware:-
-
cpe:2.3:o:abus:tvip_21550_firmware:-
-
cpe:2.3:o:abus:tvip_21551_firmware:-
-
cpe:2.3:o:abus:tvip_21552_firmware:-
-
cpe:2.3:o:abus:tvip_22500_firmware:-
-
cpe:2.3:o:abus:tvip_31000_firmware:-
-
cpe:2.3:o:abus:tvip_31001_firmware:-
-
cpe:2.3:o:abus:tvip_31050_firmware:-
-
cpe:2.3:o:abus:tvip_31500_firmware:-
-
cpe:2.3:o:abus:tvip_31501_firmware:-
-
cpe:2.3:o:abus:tvip_31550_firmware:-
-
cpe:2.3:o:abus:tvip_31551_firmware:-
-
cpe:2.3:o:abus:tvip_32500_firmware:-
-
cpe:2.3:o:abus:tvip_51500_firmware:-
-
cpe:2.3:o:abus:tvip_51550_firmware:-
-
cpe:2.3:o:abus:tvip_71500_firmware:-
-
cpe:2.3:o:abus:tvip_71501_firmware:-
-
cpe:2.3:o:abus:tvip_71550_firmware:-
-
cpe:2.3:o:abus:tvip_71551_firmware:-
-
cpe:2.3:o:abus:tvip_72500_firmware:-