Sign In
Advisories

Cayin Signage Media Player 3.0 Authenticated Remote Command Injection via NTP Parameter

Go Back
severity
high
date
Affecting

  • SMP-8000QD v3.0

  • SMP-8000 v3.0

  • SMP-6000 v3.0 Build 19025

  • SMP-6000 v1.0 Build 14246

  • SMP-6000 v1.0 Build 14199

  • SMP-6000 v1.0 Build 14167

  • SMP-6000 v1.0 Build 14097

  • SMP-6000 v1.0 Build 14090

  • SMP-6000 v1.0 Build 14069

  • SMP-6000 v1.0 Build 14062

  • SMP-4000 v1.0 Build 14098

  • SMP-4000 v1.0 Build 14092

  • SMP-4000 v1.0 Build 14087

  • SMP-2310 v3.0

  • SMP-2300 v3.0 Build 19316

  • SMP-2210 v3.0 Build 19025

  • SMP-2200 v3.0 Build 19029

  • SMP-2200 v3.0 Build 19025

  • SMP-2100 v10.0 Build 16228

  • SMP-2100 v3.0

  • SMP-2000 v1.0 Build 14167

  • SMP-2000 v1.0 Build 14087

  • SMP-1000 v1.0 Build 14099

  • SMP-PROPLUS v1.5 Build 10081

  • SMP-WEBPLUS v6.5 Build 11126

  • SMP-WEB4 v2.0 Build 13073

  • SMP-WEB4 v2.0 Build 11175

  • SMP-WEB4 v1.5 Build 11476

  • SMP-WEB4 v1.5 Build 11126

  • SMP-WEB4 v1.0 Build 10301

  • SMP-300 v1.0 Build 14177

  • SMP-200 v1.0 Build 13080

  • SMP-200 v1.0 Build 12331

  • SMP-PRO4 v1.0

  • SMP-NEO2 v1.0

  • SMP-NEO v1.0

CWE
  • CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSS
8.7
CVSS V4 Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Credit
LiquidWorm as Gjoko Krstic of Zero Science Lab
Description
Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizard_system.cgi pages. Attackers can exploit the 'NTP_Server_IP' parameter with default credentials to execute arbitrary shell commands as root.