Security Advisory

CVE-2018-19073

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-11-07 18:00:00

Last updated 2024-08-05 11:30:03

Assigner mitre

State PUBLISHED

Description

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow attackers to execute arbitrary OS commands via shell metacharacters in the modelName, by leveraging /mnt/mtd/app/config/ProductConfig.xml write access.

← Browse all CVEs View on cve.org ↗