virus logo Intrusion Prevention

iCatch.DVR.OEM.Remote.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit a Code Injection vulnerability in iCatch OEM DVR.
The vulnerability is due to an error in the application when handling a crafted HTTP request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.

affected-products-logoAffected Products

Affected vendors include:
iCatch
iCatchBrand
iCatchII
iCatchIII
Finest
KRP
KRPII
Ameba
AmebaII
Fujiko
FujikoII
iView
iViewII
Zestron
ZestronII
Videofon
Crown
JVisionII
Vital
Hedayat
Lynstan
Companics
Viotech
JVision
Maxtel
Vantech
Yoko
Mytone
eCare
iCatchV
Shinsoft
iCatchVI
iCatchVII
Y3K
Novicam
GESS
AmebaIII
KRPIII
Y3KII
Splendor
Lets
CrownII
Betech
SnS
Sputnik
Genius
WTW_II
Visiotech
EverFocus
KELC
Auratec
Acula
Ascani
CN
Forenix
Lilin

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the appropriate patch from the vendor or upgrade to a non-vulnerable version if available.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2022-05-04 20.309 Sig Added
2020-10-28 16.951 Default_action:pass:drop
2020-10-14 16.943
ID 49505
Created Sep 21, 2020
Updated May 03, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Other
Affected App Other