CVE-2018-9157
Summary
| CVE | CVE-2018-9157 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-04-01 18:29:00 UTC |
| Updated | 2023-11-07 03:01:00 UTC |
| Description | ** DISPUTED ** An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality. |
Risk And Classification
Problem Types: CWE-434
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Axis | M1033-w | - | All | All | All |
| Hardware | Axis | M1033-w | - | All | All | All |
| Operating System | Axis | M1033-w Firmware | 5.40.5.1 | All | All | All |
| Operating System | Axis | M1033-w Firmware | 5.40.5.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2018-9157 | MISC | www.slideshare.net | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.