N/A

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in NCP-HG100 1.4.48.16 and earlier. If exploited, a remote attacker who has obtained the authentication information to log in to the management page of the product may execute an arbitrary OS command with root privileges.

N/A

OS命令中使用的特殊元素转义处理不恰当(OS命令注入)

Sony NCP-HG100 操作系统命令注入漏洞

Sony NCP-HG100是日本索尼（Sony）公司的一款网络摄像头。 Sony NCP-HG100 1.4.48.16及之前版本存在操作系统命令注入漏洞，该漏洞源于特殊元素中和不当，可能导致远程命令执行。

N/A

N/A