Vulnerability Details : CVE-2021-33543
Public exploit exists!
Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2021-33543
0.31%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 71 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2021-33543
-
Geutebruck Multiple Remote Command Execution
Disclosure Date: 2021-07-08First seen: 2022-12-23exploit/linux/http/geutebruck_cmdinject_cve_2021_335xxThis module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder and exploits multiple authenticated arbitrary command execution vulnerabilities within the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EF
CVSS scores for CVE-2021-33543
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
CERT VDE | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2021-33543
-
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.Assigned by: info@cert.vde.com (Primary)
References for CVE-2021-33543
-
https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03
Geutebrück G-Cam E2 and G-Code | CISAThird Party Advisory;US Government Resource
-
https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/
UDP Technology IP Camera vulnerabilitiesExploit;Third Party Advisory
Products affected by CVE-2021-33543
- cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-code Eec-2400
- cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-code Eec-2400
- cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-code Eec-2400
- cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ebc-2110
- cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ebc-2110
- cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ebc-2110
- cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ebc-2111
- cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ebc-2111
- cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ebc-2111
- cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Efd-2241
- cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Efd-2241
- cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Efd-2241
- cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Efd-2250
- cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Efd-2250
- cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Efd-2250
- cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2230
- cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2230
- cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2230
- cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2240
- cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2240
- cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2240
- cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2239
- cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2239
- cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2239
- cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2249
- cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2249
- cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ethc-2249
- cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ewpc-2270
- cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ewpc-2270
- cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ewpc-2270
- cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-code Een-2010
- cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-code Een-2010
- cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-code Een-2010
- cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-code Een-2040
- cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-code Een-2040
- cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-code Een-2040
- cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ebc-2112
- cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ebc-2112
- cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ebc-2112
- cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Efd-2251
- cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Efd-2251
- cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Efd-2251
- cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ewpc-2275
- cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ewpc-2275
- cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ewpc-2275
- cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:*:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ewpc-2271
- cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ewpc-2271
- cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*When used together with: Geutebrueck » G-cam Ewpc-2271