CVE-2013-2578

cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the ServerName parameter and (2) other unspecified parameters.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:h:tp-link:tl-sc3171:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sc3171g:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sc3130:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sc3130g:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:lm_firmware:*:*:*:*:*:*:*:*

Information

Published : 2013-10-11 14:55

Updated : 2013-10-15 06:13


NVD link : CVE-2013-2578

Mitre link : CVE-2013-2578


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

tp-link

  • tl-sc3171
  • lm_firmware
  • tl-sc3130
  • tl-sc3171g
  • tl-sc3130g