Actively Exploited in the Wild
This vulnerability is being actively exploited in the wild.
Beward N100 IP Camera Command Injection Vulnerability Leading to Remote Code Execution
Vulnerability
A command injection vulnerability allowing remote code execution has been identified in the Beward N100 IP Camera, specifically in the firmware version M2.1.6.04C014. This vulnerability arises from improper input validation in the servetest CGI page, where the ServerName and TimeZone parameters can be exploited to inject arbitrary system commands. The injected commands are executed with root privileges, compromising the device's security.
Impact
Exploitation of this vulnerability allows authenticated users to execute arbitrary commands on the camera's operating system with root privileges, potentially leading to unauthorized access or control over the device and its functions.
Reproduction
To reproduce this vulnerability, send a GET request to the 'servetest' CGI page with the 'ServerName' or 'TimeZone' parameters. Include the 'Authorization' header with basic authentication credentials. The injected command can be verified by the response, which will include the output of the executed command.
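Detection logic for the request pattern described above, added here as an example and not part of the original advisory: it scans web access-log lines (for instance from a reverse proxy placed in front of the camera) for servetest requests whose ServerName or TimeZone value contains shell metacharacters. The combined log format, the /cgi-bin/ path prefix, the addresses and the CMD placeholder are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters the advisory names as injectable on the servetest CGI page.
WATCHED_PARAMS = {"ServerName", "TimeZone"}
# Shell metacharacters that have no place in a host name or time-zone value.
SHELL_META = re.compile(r"[;&|`$<>\n\r]")
# Source address and request target of a common/combined-format log line.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

def suspicious_params(target):
    """Return the watched parameters whose decoded value holds a metacharacter."""
    parts = urlsplit(target)
    if "servetest" not in parts.path.lower():
        return []
    hits = set()
    # parse_qsl percent-decodes values, so %3B and %7C are seen as ; and |.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name in WATCHED_PARAMS and SHELL_META.search(value):
            hits.add(name)
    return sorted(hits)

def scan(lines):
    """Return (source address, flagged parameter names) for each suspicious line."""
    findings = []
    for line in lines:
        match = REQUEST_RE.match(line)
        if not match:
            continue
        hits = suspicious_params(match.group("target"))
        if hits:
            findings.append((match.group("src"), hits))
    return findings

# Constructed sample log lines; the path prefix and values are assumptions.
SAMPLE_LOG = [
    '192.0.2.10 - admin [12/Mar/2024:10:15:02 +0000] "GET /cgi-bin/servetest?'
    'ServerName=time.example.org&TimeZone=GMT%2B03:00 HTTP/1.1" 200 120',
    '198.51.100.7 - admin [12/Mar/2024:10:16:40 +0000] "GET /cgi-bin/servetest?'
    'ServerName=time.example.org%3BCMD HTTP/1.1" 200 312',
    '198.51.100.7 - admin [12/Mar/2024:10:16:55 +0000] "GET /cgi-bin/servetest?'
    'TimeZone=UTC%7CCMD&ServerName=time.example.org HTTP/1.1" 200 298',
    '203.0.113.5 - - [12/Mar/2024:10:17:01 +0000] "GET /index.html?'
    'ServerName=a%3Bb HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for src, params in scan(SAMPLE_LOG):
        print(f"possible command injection attempt from {src}: {', '.join(params)}")
```

Because the request requires valid credentials, a hit from this check also indicates that the account used in the request should be treated as compromised.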
