TVN ID | TVN-202104002 |
---|---|
CVE ID | CVE-2021-30166 |
CVSS | 7.2 (High) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Affected Products | MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera firmware prior version 7.1.94.8908 |
Description | The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission. |
Solution | Update P2/Z2/P3/Z3 IP camera firmware to SVN9695 |
Credit | keniver |
Public Date | 2021-04-28 |