iCatch.DVR.OEM.Remote.Command.Injection
Description
This indicates an attack attempt to exploit a Code Injection vulnerability in iCatch OEM DVR.
The vulnerability is due to an error in the application when handling a crafted HTTP request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.
Affected Products
Affected vendors include:
iCatch
iCatchBrand
iCatchII
iCatchIII
Finest
KRP
KRPII
Ameba
AmebaII
Fujiko
FujikoII
iView
iViewII
Zestron
ZestronII
Videofon
Crown
JVisionII
Vital
Hedayat
Lynstan
Companics
Viotech
JVision
Maxtel
Vantech
Yoko
Mytone
eCare
iCatchV
Shinsoft
iCatchVI
iCatchVII
Y3K
Novicam
GESS
AmebaIII
KRPIII
Y3KII
Splendor
Lets
CrownII
Betech
SnS
Sputnik
Genius
WTW_II
Visiotech
EverFocus
KELC
Auratec
Acula
Ascani
CN
Forenix
Lilin
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the appropriate patch from the vendor or upgrade to a non-vulnerable version if available.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |