CVE-2023-38025

Summary

SpotCam Co., Ltd. SpotCam FHD 2’s hidden Telnet function has a vulnerability of OS command injection. An remote unauthenticated attacker can exploit this vulnerability to execute command injection attack to arbitrary system commands or disrupt service.

Affected Software

VendorProductVersion RangeStatus
SPOTCAM CO., LTD.SpotCam FHD 21.0036affected

Weaknesses

  • CWE 78 OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References