CVE-2020-7879 - Vulnerability Details - OpenCVE

ReportizFlow

This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie('[COOKIE]') . The value is transferred to the --header option in wget binary, and there is no validation check. This vulnerability allows remote attackers to execute remote command.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Iptime	C200 C200 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:iptime:c200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:iptime:c200:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36365

History

No history.

MITRE

Status: PUBLISHED

Assigner: krcert

Published: 2021-11-30T18:37:29

Updated: 2024-08-04T09:41:01.886Z

Reserved: 2020-01-22T00:00:00

Link: CVE-2020-7879

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-11-30T19:15:08.030

Modified: 2024-11-21T05:37:58.000

Link: CVE-2020-7879

Redhat

No data.

{"containers": {"cna": {"affected": [{"platforms": ["N/A"], "product": "ipTIME C200 IP Camera", "vendor": "EFM networks & multimedia", "versions": [{"lessThanOrEqual": "1.0.16", "status": "affected", "version": "1.0.16", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie('[COOKIE]') . The value is transferred to the --header option in wget binary, and there is no validation check. This vulnerability allows remote attackers to execute remote command."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 OS Command Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-11-30T18:37:29", "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863", "shortName": "krcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36365"}], "source": {"discovery": "UNKNOWN"}, "title": "ipTIME C200 IP Camera command injection vulnerability", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2020-7879", "STATE": "PUBLIC", "TITLE": "ipTIME C200 IP Camera command injection vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ipTIME C200 IP Camera", "version": {"version_data": [{"platform": "N/A", "version_affected": "<=", "version_name": "1.0.16", "version_value": "1.0.16"}]}}]}, "vendor_name": "EFM networks & multimedia"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie('[COOKIE]') . The value is transferred to the --header option in wget binary, and there is no validation check. This vulnerability allows remote attackers to execute remote command."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-78 OS Command Injection"}]}]}, "references": {"reference_data": [{"name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36365", "refsource": "MISC", "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36365"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:41:01.886Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36365"}]}]}, "cveMetadata": {"assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863", "assignerShortName": "krcert", "cveId": "CVE-2020-7879", "datePublished": "2021-11-30T18:37:29", "dateReserved": "2020-01-22T00:00:00", "dateUpdated": "2024-08-04T09:41:01.886Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:iptime:c200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "67D5AC5F-54DC-4806-9D9D-7A11A8296919", "versionEndIncluding": "1.0.16", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:iptime:c200:-:*:*:*:*:*:*:*", "matchCriteriaId": "51EFFE28-E23D-4FB7-9BF2-179DD051B0A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie('[COOKIE]') . The value is transferred to the --header option in wget binary, and there is no validation check. This vulnerability allows remote attackers to execute remote command."}, {"lang": "es", "value": "Este problema se ha detectado cuando la c\u00e1mara IP ipTIME C200 se sincroniz\u00f3 con el NAS ipTIME. Es necesario extraer el valor de la c\u00e1mara IP ipTIME porque el NAS ipTIME env\u00eda ans setCookie(\"[COOKIE]\") . El valor se transfiere a la opci\u00f3n --header en el binario de wget, y no presenta ninguna comprobaci\u00f3n de comprobaci\u00f3n. Esta vulnerabilidad permite a atacantes remotos ejecutar un comando remoto"}], "id": "CVE-2020-7879", "lastModified": "2024-11-21T05:37:58.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2021-11-30T19:15:08.030", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36365"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36365"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "[email protected]", "type": "Primary"}]}