CVE-2013-2578
82Vexday Risk Score
Patch now. It exploitation observed by VulnCheck and has a working public exploit.
ssvc Actepss 74%
from disclosure to weapon0 days
Published on NVDOct 11
1st PoCAug 2
metasploit+800d
VulnCheck+2458d
exploitation probability
74%top 1% of all CVEs
observed exploitation
yesVulnCheck
1 public exploit(s)
cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the ServerName parameter and (2) other unspecified parameters.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/27289unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.