VYPR

CS-C2SHW

by Rostelecom

CVEs (4)

  • CVE-2020-27540CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.01

    Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082.1. The camera reads firmware update configuration from SD card file vc\version.json. fw-sign parameter and from this configuration is directly inserted into a bash command. Firmware…

  • CVE-2020-27539CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.01

    Heap overflow with full parsing of HTTP respose in Rostelecom CS-C2SHW 5.0.082.1. AgentUpdater service has a self-written HTTP parser and builder. HTTP parser has a heap buffer overflow (OOB write). In default configuration camera parses responses only from HTTPS URLs from…

  • CVE-2020-27541HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. AgentGreen service has a bug in parsing broadcast discovery UDP packet. Sending a packet of too small size will lead to an attempt of allocating buffer of negative size. As the result service AgentGreen will be…

  • CVE-2020-27542MedJan 26, 2021
    risk 0.44cvss 6.8epss 0.01

    Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. The camera reads configuration from QR code (including network settings). The static IP configuration from QR code is copied to the file /config/ip-static and after reboot data from this file is inserted into…