Disclosure: Command Injection in Geutebrück Cameras
During a penetration test for a customer, we identified a command injection vulnerability in Geutebrück security cameras that allows authenticated attackers to execute arbitrary commands as root through the web interface. The root cause is unsanitized user input passed into a sed script, with the same flaw present in at least 12 other CGI endpoints. In addition to the injection, we identified an XSS vulnerability, an exposed system menu leaking configuration and log data, and an insecure GET-parameter-to-enviro...
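To make the root cause concrete, the following is an added example, not code from the advisory or from Geutebrück's firmware. It reproduces the anti-pattern the disclosure names: a CGI-style handler that writes a setting by splicing a request value into a sed command that a shell then executes, shown next to a hardened version. The config text, the `name=` setting, the payload and the function names are all constructed for illustration; the page does not show the actual affected endpoints or parameters.

```shell
#!/bin/sh
# Added illustration, not code from the advisory or from Geutebrück firmware.
# It reproduces the anti-pattern the disclosure names: a CGI-style handler
# that writes a setting by splicing request input into a sed command. The
# config text, the setting name ("name=") and the payload are all constructed.

# Vulnerable handler. $1 is the current config text, $2 the value taken
# from the request. The value is formatted straight into a command string
# that a shell then executes, which is what C's system() or a shell CGI's
# eval does. Anything that closes the single quote ends the sed expression,
# and the rest runs as further shell commands with the CGI's privileges
# (root on many embedded devices).
vulnerable_set_name() {
    current=$1
    value=$2
    printf '%s\n' "$current" | sh -c "sed 's/^name=.*/name=$value/'"
}

# Hardened handler. Two changes, each sufficient on its own for this case,
# combined as defence in depth:
#   1. Allowlist the value (letters, digits, '-' and '_', 1..32 chars) and
#      reject anything else instead of trying to escape it.
#   2. Call sed directly with the expression as one argv element; no
#      intermediate shell ever re-parses the value. The allowlist also
#      keeps sed metacharacters ('/', '&', '\', newline) out of the
#      replacement text.
safe_set_name() {
    current=$1
    value=$2
    case $value in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    [ "${#value}" -le 32 ] || return 1
    printf '%s\n' "$current" | sed "s/^name=.*/name=$value/"
}

# Demo on a constructed two-line config. The payload closes the quoted sed
# expression, appends a harmless 'echo', and neutralises the leftover
# quote with a no-op ':' command.
CONFIG='name=cam01
stream=rtsp'
PAYLOAD="x/';echo INJECTED;: '"

echo '--- vulnerable handler, malicious value ---'
vulnerable_set_name "$CONFIG" "$PAYLOAD"
echo '--- hardened handler, malicious value ---'
safe_set_name "$CONFIG" "$PAYLOAD" || echo 'rejected by allowlist'
echo '--- hardened handler, valid value ---'
safe_set_name "$CONFIG" 'cam-02'
```

Running the script prints the rewritten config followed by the attacker-controlled `INJECTED` line for the vulnerable path, a rejection for the same payload on the hardened path, and a clean `name=cam-02` rewrite for a valid value. The same pattern applies whether the shell is reached through `system()`, `popen()`, `eval` or backticks: the fix is to stop re-parsing request data as shell, and to validate it against what the setting can legitimately contain.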