Denial of Service : Sony IPELA Engine IP Cameras Backdoor Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.107106

Categoría: Denial of Service

Título: Sony IPELA Engine IP Cameras Backdoor Vulnerability

Resumen: on a Sony IPELA Engine IP Camera is prone to a backdoor vulnerability.

Descripción: Summary:
on a Sony IPELA Engine IP Camera is prone to a backdoor vulnerability.

Vulnerability Insight:
The flaw is due to an improper validation of
web requests passed via GET the parameter.

Vulnerability Impact:
Successful exploitation may allows an attacker to run arbitrary code on the affected IP cameras.

Affected Software/OS:
According to Sony, at least the following products are affected:

SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120,

SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520,

SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551

SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585,

SNC-ER585H, SNC-ZP550, SNC-ZR550

SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C

SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630,

SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC,

SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B,

SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635,

SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R,

SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600,

SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631,

SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L,

SNC-WR602CL

Solution:
The vendor provided the following URL to download firmware updates for the affected devices. Updates should be installed immediately.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.107106
Categoría:	Denial of Service
Título:	Sony IPELA Engine IP Cameras Backdoor Vulnerability
Resumen:	on a Sony IPELA Engine IP Camera is prone to a backdoor vulnerability.
Descripción:	Summary: on a Sony IPELA Engine IP Camera is prone to a backdoor vulnerability. Vulnerability Insight: The flaw is due to an improper validation of web requests passed via GET the parameter. Vulnerability Impact: Successful exploitation may allows an attacker to run arbitrary code on the affected IP cameras. Affected Software/OS: According to Sony, at least the following products are affected: SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551 SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550 SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL Solution: The vendor provided the following URL to download firmware updates for the affected devices. Updates should be installed immediately. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Copyright	Copyright (C) 2016 Greenbone AG