VStarcam C38S Firmware Remote Code Execution Vulnerability

Summary

An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V (C38S) KR203.18.1.20 devices. The web service, network, and account files can be manipulated through a web UI firmware update without any authentication. The attacker can achieve access to the device through a manipulated web UI firmware update.

Credit:

The information has been provided by VStarcam
The original article can be found at: http://f1security.co.kr/cve/cve_190314.htm


Details

The vulnerability lies in the web UI firmware update handler, upgrade_htmls.cgi, exposed by the custom-built GoAhead web server on VStarcam devices. The handler performs no authentication, so a remote attacker can force a web UI firmware update and, through the manipulated update, replace the web service, network, and account files and gain control of the device.
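Because the page gives only the endpoint name and the fact that it accepts updates without authentication, the most useful practitioner-side addition is a retrospective check of the device's HTTP access log for hits on upgrade_htmls.cgi that were served without an authenticated user. The following is an added example, not code from the advisory or from VStarcam; it assumes the log is in Common Log Format (with the authenticated user in the third field), and the log lines are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample access-log lines in Common Log Format.
# These are not real device logs; the IPs are documentation ranges.
SAMPLE_LOG = """\
192.168.1.50 - admin [23/May/2019:10:01:02 +0900] "GET /index.htm HTTP/1.1" 200 1024
203.0.113.7 - - [23/May/2019:10:02:15 +0900] "POST /upgrade_htmls.cgi HTTP/1.1" 200 12
192.168.1.50 - admin [23/May/2019:10:03:40 +0900] "POST /upgrade_htmls.cgi HTTP/1.1" 200 12
198.51.100.9 - - [23/May/2019:10:04:01 +0900] "GET /upgrade_htmls.cgi?x=1 HTTP/1.1" 200 12
203.0.113.7 - - [23/May/2019:10:05:30 +0900] "POST /upgrade_htmls.cgi HTTP/1.1" 401 0
"""

# Common Log Format: ip ident user [timestamp] "METHOD path proto" status size
CLF_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+$'
)


@dataclass
class Finding:
    ip: str
    method: str
    path: str
    status: int
    reason: str


def parse_clf(line: str) -> Optional[dict]:
    """Parse one CLF line into a dict, or return None if it does not match."""
    m = CLF_RE.match(line.strip())
    return m.groupdict() if m else None


def detect_unauth_upgrade(log_text: str, endpoint: str = "upgrade_htmls.cgi") -> List[Finding]:
    """Flag requests to the firmware-update CGI.

    A hit that the server answered with a success status (< 400) while the
    authenticated-user field is "-" is the signature of the unauthenticated
    update described in the advisory. Authenticated hits are reported too,
    since any firmware update deserves review, but with a different reason.
    Requests the server rejected (4xx/5xx) are not flagged: that is the
    behaviour expected from a fixed device.
    """
    findings: List[Finding] = []
    for line in log_text.splitlines():
        rec = parse_clf(line)
        if rec is None:
            continue  # skip lines that are not CLF
        path = rec["path"].split("?", 1)[0]  # drop the query string before matching
        if not path.endswith("/" + endpoint):
            continue
        status = int(rec["status"])
        if rec["user"] == "-" and status < 400:
            findings.append(Finding(rec["ip"], rec["method"], path, status,
                                    "upgrade endpoint served without an authenticated user"))
        elif rec["user"] != "-":
            findings.append(Finding(rec["ip"], rec["method"], path, status,
                                    "authenticated firmware/web UI update (review for legitimacy)"))
    return findings


if __name__ == "__main__":
    for f in detect_unauth_upgrade(SAMPLE_LOG):
        print(f"{f.ip:15} {f.method:4} {f.path} {f.status} - {f.reason}")
```

Run against a real export, the two hits from 203.0.113.7 and 198.51.100.9 with a "-" user and a 2xx status would be the ones to investigate first; the rejected 401 request is what the same source should look like once authentication is enforced on the handler.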

Vulnerable Systems:

  • VStarcam C38S firmware KR203.18.1.20
  • VStarcam C7824WIP firmware KR75.8.53.20

CVE Information:

CVE-2019-12288

Disclosure Timeline:
Publish Date: 05/23/2019

Categories: News