Denial of Service : Sony IPELA Engine IP Cameras Backdoor Vulnerability

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.107106

Kategorie: Denial of Service

Titel: Sony IPELA Engine IP Cameras Backdoor Vulnerability

Zusammenfassung: on a Sony IPELA Engine IP Camera is prone to a backdoor vulnerability.

Beschreibung: Summary:
on a Sony IPELA Engine IP Camera is prone to a backdoor vulnerability.

Vulnerability Insight:
The flaw is due to an improper validation of
web requests passed via GET the parameter.

Vulnerability Impact:
Successful exploitation may allows an attacker to run arbitrary code on the affected IP cameras.

Affected Software/OS:
According to Sony, at least the following products are affected:

SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120,

SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520,

SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551

SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585,

SNC-ER585H, SNC-ZP550, SNC-ZR550

SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C

SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630,

SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC,

SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B,

SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635,

SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R,

SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600,

SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631,

SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L,

SNC-WR602CL

Solution:
The vendor provided the following URL to download firmware updates for the affected devices. Updates should be installed immediately.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Copyright Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.107106
Kategorie:	Denial of Service
Titel:	Sony IPELA Engine IP Cameras Backdoor Vulnerability
Zusammenfassung:	on a Sony IPELA Engine IP Camera is prone to a backdoor vulnerability.
Beschreibung:	Summary: on a Sony IPELA Engine IP Camera is prone to a backdoor vulnerability. Vulnerability Insight: The flaw is due to an improper validation of web requests passed via GET the parameter. Vulnerability Impact: Successful exploitation may allows an attacker to run arbitrary code on the affected IP cameras. Affected Software/OS: According to Sony, at least the following products are affected: SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551 SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550 SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL Solution: The vendor provided the following URL to download firmware updates for the affected devices. Updates should be installed immediately. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Copyright	Copyright (C) 2016 Greenbone AG