CVE-2021-33544

Summary

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
GeutebrückE2 SeriesEBC-21xx 1.12.13.2affected
GeutebrückE2 SeriesEBC-21xx 1.12.14.5affected
GeutebrückE2 SeriesEFD-22xx 1.12.13.2affected
GeutebrückE2 SeriesEFD-22xx 1.12.14.5affected
GeutebrückE2 SeriesETHC-22xx 1.12.13.2affected
GeutebrückE2 SeriesETHC-22xx 1.12.14.5affected
GeutebrückE2 SeriesEWPC-22xx 1.12.13.2affected
GeutebrückE2 SeriesEWPC-22xx 1.12.14.5affected
GeutebrückE2 SeriesEBC-21xx <= 1.12.0.27affected
GeutebrückE2 SeriesEFD-22xx <= 1.12.0.27affected
GeutebrückE2 SeriesETHC-22xx <= 1.12.0.27affected
GeutebrückE2 SeriesEWPC-22xx <= 1.12.0.27affected
GeutebrückEncoder G-CodeEEC-2xx 1.12.13.2affected
GeutebrückEncoder G-CodeEEC-2xx 1.12.14.5affected
GeutebrückEncoder G-CodeEEN-20xx 1.12.13.2affected
GeutebrückEncoder G-CodeEEN-20xx 1.12.14.5affected
GeutebrückEncoder G-CodeEEC-2xx <= 1.12.0.27affected
GeutebrückEncoder G-CodeEEN-20xx <= 1.12.0.27affected

Weaknesses

  • CWE-78: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADP Enrichment

CVE Program Container

Additional References

References