Vendor CVEs
Geutebrück
All CVEs
27 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5174 | Cri | 0.71 | 9.8 | 0.52 | May 19, 2017 | An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code… | ||
| CVE-2018-15534 | Cri | 0.69 | 9.8 | 0.32 | Aug 21, 2018 | Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to sensitive information including usernames and hashes via a direct request for /statistics/gscsetup.xml on TCP port 12003. | ||
| CVE-2017-11517 | Cri | 0.69 | 9.8 | 0.29 | Jul 21, 2017 | Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request. | ||
| CVE-2017-5173 | Cri | 0.69 | 9.8 | 0.30 | May 19, 2017 | An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an… | ||
| CVE-2025-12463 | Cri | 0.64 | 9.8 | 0.01 | Nov 3, 2025 | An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras through the `Group` parameter in the `/uapi-cgi/viewer/Param.cgi` script. This has been confirmed on the EFD-2130 camera running firmware version 1.12.0.19. | ||
| CVE-2018-7532 | Cri | 0.64 | 9.8 | 0.08 | Mar 22, 2018 | Unauthentication vulnerabilities have been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution. | ||
| CVE-2018-7520 | Cri | 0.64 | 9.8 | 0.02 | Mar 22, 2018 | An improper access control vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could allow a full configuration download, including passwords. | ||
| CVE-2018-7528 | Cri | 0.59 | 9.1 | 0.02 | Mar 22, 2018 | An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an attacker to alter stored data. | ||
| CVE-2018-7524 | Hig | 0.57 | 8.8 | 0.01 | Mar 22, 2018 | A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an unauthorized user to be added to the system. | ||
| CVE-2018-7516 | Hig | 0.48 | 7.3 | 0.01 | Mar 22, 2018 | A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans. | ||
| CVE-2018-15533 | Med | 0.43 | 6.1 | 0.03 | Aug 21, 2018 | A reflected cross-site scripting vulnerability exists in Geutebrueck re_porter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/*.png on TCP port 12005. | ||
| CVE-2018-7512 | Med | 0.40 | 6.1 | 0.02 | Mar 22, 2018 | A cross-site scripting vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution. | ||
| CVE-2021-33544 | 0.11 | — | 0.95 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-33554 | 0.10 | — | 0.56 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-33553 | 0.10 | — | 0.47 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-33552 | 0.10 | — | 0.47 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-33551 | 0.10 | — | 0.47 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-33550 | 0.10 | — | 0.56 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-33549 | 0.10 | — | 0.66 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-33548 | 0.10 | — | 0.56 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-33543 | 0.10 | — | 0.82 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service. | |||
| CVE-2020-16205 | 0.07 | — | 0.60 | Aug 14, 2020 | Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5). | |||
| CVE-2021-33547 | 0.02 | — | 0.03 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-33546 | 0.02 | — | 0.03 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-33545 | 0.02 | — | 0.03 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2019-10957 | 0.00 | — | 0.01 | Jan 17, 2020 | Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a… | |||
| CVE-2019-10956 | 0.00 | — | 0.03 | Jan 17, 2020 | Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root. |
- risk 0.71cvss 9.8epss 0.52
An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code…
- risk 0.69cvss 9.8epss 0.32
Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to sensitive information including usernames and hashes via a direct request for /statistics/gscsetup.xml on TCP port 12003.
- risk 0.69cvss 9.8epss 0.29
Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request.
- risk 0.69cvss 9.8epss 0.30
An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an…
- risk 0.64cvss 9.8epss 0.01
An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras through the `Group` parameter in the `/uapi-cgi/viewer/Param.cgi` script. This has been confirmed on the EFD-2130 camera running firmware version 1.12.0.19.
- risk 0.64cvss 9.8epss 0.08
Unauthentication vulnerabilities have been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution.
- risk 0.64cvss 9.8epss 0.02
An improper access control vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could allow a full configuration download, including passwords.
- risk 0.59cvss 9.1epss 0.02
An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an attacker to alter stored data.
- risk 0.57cvss 8.8epss 0.01
A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an unauthorized user to be added to the system.
- risk 0.48cvss 7.3epss 0.01
A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans.
- risk 0.43cvss 6.1epss 0.03
A reflected cross-site scripting vulnerability exists in Geutebrueck re_porter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/*.png on TCP port 12005.
- risk 0.40cvss 6.1epss 0.02
A cross-site scripting vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution.
- CVE-2021-33544Sep 13, 2021risk 0.11cvss —epss 0.95
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-33554Sep 13, 2021risk 0.10cvss —epss 0.56
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-33553Sep 13, 2021risk 0.10cvss —epss 0.47
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-33552Sep 13, 2021risk 0.10cvss —epss 0.47
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-33551Sep 13, 2021risk 0.10cvss —epss 0.47
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-33550Sep 13, 2021risk 0.10cvss —epss 0.56
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-33549Sep 13, 2021risk 0.10cvss —epss 0.66
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-33548Sep 13, 2021risk 0.10cvss —epss 0.56
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-33543Sep 13, 2021risk 0.10cvss —epss 0.82
Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service.
- CVE-2020-16205Aug 14, 2020risk 0.07cvss —epss 0.60
Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5).
- CVE-2021-33547Sep 13, 2021risk 0.02cvss —epss 0.03
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-33546Sep 13, 2021risk 0.02cvss —epss 0.03
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-33545Sep 13, 2021risk 0.02cvss —epss 0.03
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code.
- CVE-2019-10957Jan 17, 2020risk 0.00cvss —epss 0.01
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a…
- CVE-2019-10956Jan 17, 2020risk 0.00cvss —epss 0.03
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root.