
CERT Coordination Center


Grandstream GXV3611_HD camera is vulnerable to SQL injection

Vulnerability Note VU#253708

Original Release Date: 2015-07-07 | Last Revised: 2015-07-07

Overview

The Grandstream GXV3611_HD is an IP network camera used for surveillance and security. It is vulnerable to a SQL injection attack.

Description

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - CVE-2015-2866

The Grandstream GXV3611_HD camera running firmware version 1.0.3.6 or earlier does not correctly validate input in the username field of the telnet login. An attacker may exploit this weakness to execute a SQL injection attack on the camera's configuration.

Impact

A remote unauthenticated attacker may be able to perform a SQL injection to view or modify the configuration of the device.

Solution

Update the firmware

Grandstream has released firmware 1.0.3.9 beta to address this issue. Consider updating your camera's firmware as soon as possible.

Vendor Information


Grandstream

Updated: June 30, 2015

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

According to the vendor, this issue has been officially resolved in the latest beta firmware (version 1.0.3.9 beta).

Vendor References

http://www.grandstream.com/support/firmware

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group          Score  Vector
Base           6.4    AV:N/AC:L/Au:N/C:P/I:P/A:N
Temporal       5.0    E:POC/RL:OF/RC:C
Environmental  3.8    CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

Credit

Thanks to the Living Lab at IUPUI for reporting this vulnerability to us.

This document was written by Garret Wassermann.

Other Information

CVE IDs: CVE-2015-2866
Date Public: 2015-07-07
Date First Published: 2015-07-07
Date Last Updated: 2015-07-07 18:33 UTC
Document Revision: 51

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.