Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Command Injection in Smartwares cameras
Vulnerability Description
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to command injection. During the initialization process, a user has to use a mobile app to provide devices with Access Point credentials. This input is not properly sanitized, what allows for command injection. The vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Smartwares CIP-37210AT和Smartwares C724IP 安全漏洞
Vulnerability Description
Smartwares CIP-37210AT和Smartwares C724IP都是Smartwares公司的产品。Smartwares CIP-37210AT是一款 IP 摄像头设备,用于家庭或办公室的安全监控。Smartwares C724IP是一款 IP 摄像头设备,用于家庭或办公室的安全监控。 Smartwares CIP-37210AT和Smartwares C724IP 3.3.0及之前版本存在安全漏洞,该漏洞源于未适当清理输入,从而允许命令注入。
CVSS Information
N/A
Vulnerability Type
N/A