BEWARD N100 H.264 VGA IP Camera M2.1.6 Root Remote Code Execution
Posted by deepcore on February 5, 2019 – 1:35 pm
BEWARD N100 H.264 VGA IP Camera version M2.1.6 suffers from two authenticated command injection vulnerabilities. The issues can be triggered when calling ServerName or TimeZone GET parameters via the servertest page. This can be exploited to inject arbitrary system commands and gain root remote code execution.
Post a reply
You must be logged in to post a comment.