Geutebruck IP Cameras Vulnerabilities

ATTENTION: Exploitable remotely/low skill level to exploit.

Vendor: Geutebrück

Equipment: IP Cameras

Vulnerabilities: Improper Authentication, SQL Injection, Cross-Site Request Forgery, Improper Access Control, Server-Side Request Forgery, Cross-site Scripting

AFFECTED PRODUCTS

Geutebrück reports that the vulnerabilities affect the following IP cameras:

  • G-Cam/EFD-2250 (part n° 5.02024) firmware version 1.12.0.4, and
  • Topline TopFD-2125 (part n° 5.02820) firmware version 3.15.1

IMPACT

Successful exploitation of these vulnerabilities could lead to proxy network scans, access to a database, adding an unauthorized user to the system, full configuration download including passwords, and remote code execution.

MITIGATION

Geutebrück recommends G-Cam/EFD-2250 users download and update to the newest firmware version, 1.12.0.19, by registering for a new WebClub account, or by logging into an existing account at the following location:

https://www.geutebrueck.com//en_EN/login.html

Topline users can visit the previous link for workaround advice and contact information regarding the vulnerabilities associated with the device.




Duncan Newell

Duncan is a technology professional with over 20 years' experience of working in various IT roles. He also has a wide range of other skills in radio, electronics and telecommunications.
