ID
VAR-201810-0960
CVE
CVE-2018-12670
TITLE
SV3C L-SERIES HD CAMERA Operating System Command Injection Vulnerability
Trust: 1.2
DESCRIPTION
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection. SV3C L-SERIES HD CAMERA The device includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SV3CL-SERIESHDCAMERA is a network camera product of China SV3C Technology Corporation. An operating system command injection vulnerability exists in the SV3CL-SERIESHDCAMERAV2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B versions due to the program's failure to detect user input. An attacker could exploit this vulnerability to execute arbitrary commands on an affected system
Trust: 2.25
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
| category: | ['camera device'] | sub_category: | camera | Trust: 0.1 |
AFFECTED PRODUCTS
| vendor: | sv3c | model: | h.264 poe ip camera | scope: | eq | version: | v2.3.4.2103-s50-ntd-b20170823b | Trust: 1.6 |
| vendor: | sv3c | model: | h.264 poe ip camera | scope: | eq | version: | v2.3.4.2103-s50-ntd-b20170508b | Trust: 1.6 |
| vendor: | sv3c | model: | h.264 poe ip camera | scope: | eq | version: | 2.3.4.2103-s50-ntd-b20170508b | Trust: 0.8 |
| vendor: | sv3c | model: | h.264 poe ip camera | scope: | eq | version: | 2.3.4.2103-s50-ntd-b20170823b | Trust: 0.8 |
| vendor: | sv3c | model: | l-series hd camera v2.3.4.2103-s50-ntd-b20170508b | scope: | - | version: | - | Trust: 0.6 |
| vendor: | sv3c | model: | l-series hd camera v2.3.4.2103-s50-ntd-b20170823b | scope: | - | version: | - | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-78 | Trust: 1.8 |
THREAT TYPE
remote
Trust: 0.6
TYPE
operating system commend injection
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | H.264 POE IP Camera | url: | http://www.sv3c.com/H-264-POE-IP-Camera-L-Series--1.html | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2018-12670 | Trust: 3.2 |
| db: | VULDB | id: | 125794 | Trust: 1.2 |
| db: | JVNDB | id: | JVNDB-2018-013234 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2018-21514 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201810-1086 | Trust: 0.6 |
| db: | OTHER | id: | NONE | Trust: 0.1 |
| db: | VULMON | id: | CVE-2018-12670 | Trust: 0.1 |
REFERENCES
| url: | https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/ | Trust: 2.5 |
| url: | https://vuldb.com/?id.125794 | Trust: 1.2 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12670 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2018-12670 | Trust: 0.8 |
| url: | https://ieeexplore.ieee.org/abstract/document/10769424 | Trust: 0.1 |
| url: | https://cwe.mitre.org/data/definitions/78.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
SOURCES
| db: | OTHER | id: | - |
| db: | CNVD | id: | CNVD-2018-21514 |
| db: | VULMON | id: | CVE-2018-12670 |
| db: | JVNDB | id: | JVNDB-2018-013234 |
| db: | CNNVD | id: | CNNVD-201810-1086 |
| db: | NVD | id: | CVE-2018-12670 |
LAST UPDATE DATE
2025-01-30T19:57:32.622000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2018-21514 | date: | 2018-10-23T00:00:00 |
| db: | VULMON | id: | CVE-2018-12670 | date: | 2019-01-09T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-013234 | date: | 2019-02-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-201810-1086 | date: | 2018-10-22T00:00:00 |
| db: | NVD | id: | CVE-2018-12670 | date: | 2024-11-21T03:45:38.760 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2018-21514 | date: | 2018-10-23T00:00:00 |
| db: | VULMON | id: | CVE-2018-12670 | date: | 2018-10-19T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-013234 | date: | 2019-02-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-201810-1086 | date: | 2018-10-22T00:00:00 |
| db: | NVD | id: | CVE-2018-12670 | date: | 2018-10-19T22:29:00.647 |