Geutebruck G-Cam E-Series Cameras Unauthenticated SQL Injection Vulnerability

Vulnerability

A vulnerability allowing unauthenticated SQL injection has been identified in Geutebruck G-Cam E-Series Cameras. The issue arises in the 'Group' parameter of the '/uapi-cgi/viewer/Param.cgi' script. This vulnerability has been confirmed on the EFD-2130 camera with firmware version 1.12.0.19.

Impact

Exploitation of this vulnerability allows for SQL injection, which could lead to unauthorized database access or manipulation.

Added: Nov 3, 2025, 5:19 PM

Updated: Nov 3, 2025, 5:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

7.4

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

7.4

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Geutebruck G-Cam E-Series Cameras Unauthenticated SQL Injection Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating