Multiple Geutebruck Devices Multiple Security Vulnerabilities

Multiple Geutebruck devices are prone to the following multiple security vulnerabilities.

1. An authentication-bypass vulnerability
2. A SQL-injection vulnerability
3. A cross-site request-forgery vulnerability
4. An access-bypass vulnerability
5. A security-bypass vulnerability
6. A cross-site scripting vulnerability

Attackers may exploit these issues to gain unauthorized access to the affected device, or to bypass certain security restrictions to perform unauthorized actions, to compromise the application to access or modify data and to exploit vulnerabilities in the underlying database, to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or to execute arbitrary code within the context of the affected device.

The following devices are vulnerable:

Geutebruck G-Cam/EFD-2250 version 1.12.0.4
Geutebruck Topline TopFD-2125 version 3.15.1


 

Privacy Statement
Copyright 2010, SecurityFocus