The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of a vulnerability, tracked as (CVSS base score of 8.8), in Avtech camera that has been exploited in the wild.
An attacker can exploit this flaw to inject and execute commands as the owner of the running process.
“Successful exploitation of this vulnerability could allow an attacker to inject and execute commands as the owner of the running process.” reads the published by CISA. “Commands can be injected over the network and executed without authentication.”
The vulnerability impacts Avtech AVM1203 IP cameras running firmware versions FullImg-1023-1007-1011-1009 and prior.
The US agency states that it is suspected that prior versions of other IP cameras and NVR (network video recorder) products are also affected.
The cyber security expert Larry Cashdollar of Akamai Technologies reported the vulnerability to CISA.
CISA attempted to report the issue to the vendor that has yet to respond to requests.
The US Agency advises users to reduce the risk of exploitation of the vulnerability by:
Multiple botnets are known to target Avtech devices, including Mirai, Death botnet, Hide ‘N Seek and HNS.
Follow me on Twitter: and and Mastodon
(SecurityAffairs – hacking, CISA)