{"vuid":"VU#253708","idnumber":"253708","name":"Grandsteam GXV3611_HD camera is vulnerable to SQL injection","keywords":["grandstream","camera","sqli","CVE-2015-2866"],"overview":"The Grandsteam GXV3611_HD is an IP network camera used for surveillance and security. The Grandsteam GXV3611_HD is vulnerable to a SQL injection attack.","clean_desc":"CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - CVE-2015-2866 The Grandstream GXV3611_HD camera with firmware of 1.0.3.6 or before does not correctly perform input validation on the username field of the telnet login. An attacker may exploit this weakness to execute a SQL injection attack on the camera's configuration.","impact":"A remote unauthenticated attacker may be able to perform a SQL injection to view or modify the configuration of the device.","resolution":"Update the firmware Grandstream has released firmware 1.0.3.9 beta to address this issue. Consider updating your camera's firmware as soon as possible.","workarounds":"","sysaffected":"","thanks":"Thanks to the Living Lab at IUPUI\n for reporting this vulnerability to us.","author":"This document was written by Garret Wassermann.","public":["h","t","t","p",":","/","/","w","w","w",".","g","r","a","n","d","s","t","r","e","a","m",".","c","o","m","/","s","u","p","p","o","r","t","/","f","i","r","m","w","a","r","e"],"cveids":["CVE-2015-2866"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2015-02-23T20:08:00Z","publicdate":"2015-07-07T00:00:00Z","datefirstpublished":"2015-07-07T18:33:53Z","dateupdated":"2015-07-07T18:33:54Z","revision":53,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"P","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"OF","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"M","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"6.4","cvss_basevector":"AV:N/AC:L/Au:N/C:P/I:P/A:N","cvss_temporalscore":"5","cvss_environmentalscore":"3.7718594822475","cvss_environmentalvector":"CDP:ND/TD:M/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}