CVE-2021-33543 CRITICAL

CVE-2021-33543: UDP Technology/Geutebrück camera devices: Authentication Bypass

Vendor Geutebrück
Product E2 Series
Weakness CWE-306 · Missing auth
Published September 13, 2021
Last update August 3, 2024

CVSS base score

9.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service.

Key dates

02Disclosure timeline

September 13, 2021 CVE published
August 3, 2024 Record updated