CVE-2024-13892 (GCVE-0-2024-13892)
Vulnerability from cvelistv5
Published
2025-03-06 14:00
Modified
2025-03-06 14:48
Severity ?
7.7 (High) - CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to command injection. During the initialization process, a user has to use a mobile app to provide devices with Access Point credentials. This input is not properly sanitized, what allows for command injection. The vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well.
References
Impacted products
Vendor Product Version
Smartwares CIP-37210AT Version: 0    3.3.0
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-13892",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-06T14:48:01.194575Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-06T14:48:08.548Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "CIP-37210AT",
          "vendor": "Smartwares",
          "versions": [
            {
              "lessThanOrEqual": "3.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "C724IP",
          "vendor": "Smartwares",
          "versions": [
            {
              "lessThanOrEqual": "3.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Micha\u0142 Majchrowicz (Afine Team)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Marcin Wyczechowski (Afine Team)"
        }
      ],
      "datePublic": "2025-03-06T11:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Smartwares cameras\u0026nbsp;CIP-37210AT and\u0026nbsp;C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to command injection. \u003cbr\u003eDuring the initialization process, a user has to use a mobile app to provide devices with Access Point credentials. This input is not properly sanitized, what allows for command injection.\u003cbr\u003eThe vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Smartwares cameras\u00a0CIP-37210AT and\u00a0C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to command injection. \nDuring the initialization process, a user has to use a mobile app to provide devices with Access Point credentials. This input is not properly sanitized, what allows for command injection.\nThe vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-248",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-248 Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-06T14:04:52.687Z",
        "orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
        "shortName": "CERT-PL"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://cert.pl/en/posts/2025/03/CVE-2024-13892/"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.smartwares.eu/en-gb/smartwares-cip-37210at-indoor-wi-fi-camera-cip--37210at"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Command Injection in Smartwares cameras",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
    "assignerShortName": "CERT-PL",
    "cveId": "CVE-2024-13892",
    "datePublished": "2025-03-06T14:00:41.444Z",
    "dateReserved": "2025-02-20T14:05:38.748Z",
    "dateUpdated": "2025-03-06T14:48:08.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-13892\",\"sourceIdentifier\":\"cvd@cert.pl\",\"published\":\"2025-03-06T14:15:35.453\",\"lastModified\":\"2025-03-06T14:15:35.453\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Smartwares cameras\u00a0CIP-37210AT and\u00a0C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to command injection. \\nDuring the initialization process, a user has to use a mobile app to provide devices with Access Point credentials. This input is not properly sanitized, what allows for command injection.\\nThe vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well.\"},{\"lang\":\"es\",\"value\":\"Smartwares cameras CIP-37210AT y C724IP, as\u00ed como otras que comparten el mismo firmware en versiones hasta la 3.3.0, son vulnerables a la inyecci\u00f3n de comandos. Durante el proceso de inicializaci\u00f3n, un usuario tiene que usar una aplicaci\u00f3n m\u00f3vil para proporcionar a los dispositivos las credenciales del punto de acceso. Esta entrada no est\u00e1 debidamente depurada, lo que permite la inyecci\u00f3n de comandos. El proveedor no ha respondido a los informes, por lo que el estado de la aplicaci\u00f3n de parches sigue siendo desconocido. Las versiones de firmware m\u00e1s nuevas tambi\u00e9n podr\u00edan ser vulnerables.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cvd@cert.pl\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"cvd@cert.pl\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"references\":[{\"url\":\"https://cert.pl/en/posts/2025/03/CVE-2024-13892/\",\"source\":\"cvd@cert.pl\"},{\"url\":\"https://www.smartwares.eu/en-gb/smartwares-cip-37210at-indoor-wi-fi-camera-cip--37210at\",\"source\":\"cvd@cert.pl\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-13892\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-06T14:48:01.194575Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-06T14:48:04.580Z\"}}], \"cna\": {\"title\": \"Command Injection in Smartwares cameras\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Micha\\u0142 Majchrowicz (Afine Team)\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Marcin Wyczechowski (Afine Team)\"}], \"impacts\": [{\"capecId\": \"CAPEC-248\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-248 Command Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 7.7, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"ADJACENT\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Smartwares\", \"product\": \"CIP-37210AT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.3.0\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Smartwares\", \"product\": \"C724IP\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.3.0\"}], \"defaultStatus\": \"unknown\"}], \"datePublic\": \"2025-03-06T11:00:00.000Z\", \"references\": [{\"url\": \"https://cert.pl/en/posts/2025/03/CVE-2024-13892/\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://www.smartwares.eu/en-gb/smartwares-cip-37210at-indoor-wi-fi-camera-cip--37210at\", \"tags\": [\"product\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Smartwares cameras\\u00a0CIP-37210AT and\\u00a0C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to command injection. \\nDuring the initialization process, a user has to use a mobile app to provide devices with Access Point credentials. This input is not properly sanitized, what allows for command injection.\\nThe vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Smartwares cameras\u0026nbsp;CIP-37210AT and\u0026nbsp;C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to command injection. \u003cbr\u003eDuring the initialization process, a user has to use a mobile app to provide devices with Access Point credentials. This input is not properly sanitized, what allows for command injection.\u003cbr\u003eThe vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well.\u003cbr\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-77\", \"description\": \"CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"4bb8329e-dd38-46c1-aafb-9bf32bcb93c6\", \"shortName\": \"CERT-PL\", \"dateUpdated\": \"2025-03-06T14:04:52.687Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-13892\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-06T14:48:08.548Z\", \"dateReserved\": \"2025-02-20T14:05:38.748Z\", \"assignerOrgId\": \"4bb8329e-dd38-46c1-aafb-9bf32bcb93c6\", \"datePublished\": \"2025-03-06T14:00:41.444Z\", \"assignerShortName\": \"CERT-PL\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.