Primary

Context

EFM ipTIME C200 Command Injection Vulnerability in ApplyRestore Endpoint

Vulnerability

A command injection vulnerability has been identified in the EFM ipTIME C200 IP camera, affecting firmware versions through 1.092. The issue arises in the ApplyRestore endpoint within the 'iux_set.cgi' file, specifically in the 'sub_408F90' function. This vulnerability allows remote attackers to inject shell commands into certain configuration fields of a backup file, which are then executed with root privileges on the device.

Impact

Exploitation of this vulnerability allows for arbitrary command execution with root privileges on the affected device.

Reproduction

To reproduce this vulnerability, first obtain a valid session by logging into the device. After logging in, upload a malicious configuration file through the ApplyRestore endpoint that includes injected commands in the 'sysset_userid' or 'sysset_userpw' fields. Once the file is processed, the injected commands will be executed with root privileges.

Added: May 5, 2026, 1:20 PM

Updated: May 5, 2026, 1:20 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

6.2

remediation

0.0

relevance

7.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

6.2

remediation

0.0

relevance

7.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

EFM ipTIME C200 Command Injection Vulnerability in ApplyRestore Endpoint

Vulnerability

Impact

Reproduction

Affected Products

EFM ipTIME C200

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating