CVE-2021-33543

Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service.
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_ebc-2110:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_ebc-2111:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_efd-2241:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_efd-2250:*:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_ethc-2230:*:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_ethc-2239:*:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_ethc-2240:*:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_ethc-2249:*:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_ewpc-2270:*:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-code_eec-2400:*:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-code_een-2010_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-code_een-2010:*:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-code_een-2040_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-code_een-2040:*:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ebc-2112_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_ebc-2112:*:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_efd-2251_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_efd-2251:*:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ewpc-2275_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_ewpc-2275:*:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
OR cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.13.2:*:*:*:*:*:*:*
cpe:2.3:o:geutebrueck:g-cam_ewpc-2271_firmware:1.12.14.5:*:*:*:*:*:*:*
cpe:2.3:h:geutebrueck:g-cam_ewpc-2271:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:09

Type Values Removed Values Added
References () https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03 - Third Party Advisory, US Government Resource () https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03 - Third Party Advisory, US Government Resource
References () https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/ - Exploit, Third Party Advisory () https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/ - Exploit, Third Party Advisory

07 Nov 2023, 03:35

Type Values Removed Values Added
Summary Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service. Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service.

Information

Published : 2021-09-13 18:15

Updated : 2024-11-21 06:09


NVD link : CVE-2021-33543

Mitre link : CVE-2021-33543

CVE.ORG link : CVE-2021-33543


JSON object : View

Products Affected

geutebrueck

  • g-cam_ethc-2240
  • g-cam_ewpc-2275
  • g-cam_ethc-2249_firmware
  • g-code_een-2010_firmware
  • g-cam_efd-2241_firmware
  • g-code_een-2010
  • g-cam_efd-2241
  • g-cam_ethc-2230
  • g-cam_ebc-2112
  • g-cam_ebc-2110
  • g-cam_ethc-2249
  • g-code_eec-2400_firmware
  • g-cam_ebc-2111
  • g-cam_ebc-2111_firmware
  • g-code_een-2040
  • g-cam_efd-2250
  • g-code_eec-2400
  • g-cam_efd-2251_firmware
  • g-cam_ebc-2110_firmware
  • g-cam_ewpc-2270_firmware
  • g-cam_ethc-2230_firmware
  • g-cam_efd-2250_firmware
  • g-cam_ebc-2112_firmware
  • g-cam_ethc-2239_firmware
  • g-cam_ewpc-2271
  • g-code_een-2040_firmware
  • g-cam_efd-2251
  • g-cam_ewpc-2275_firmware
  • g-cam_ewpc-2270
  • g-cam_ewpc-2271_firmware
  • g-cam_ethc-2240_firmware
  • g-cam_ethc-2239
CWE
CWE-306

Missing Authentication for Critical Function