CVE-2021-30166

The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission.

MISC: https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
MISC: https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
MISC: https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf
MISC: https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30166

14 years
256 countries
683k users
4525k calculations
Logo www.cctvforum.com
Logo ipcamtalk.com
Logo www.i4wifi.cz
Logo www.eleksys.cz
Logo www.systemy-stech.cz
Logo sectech.co.nz