CVE-2021-30166
MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Command Injection
Severity Score
7.2
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission.
La función de configuración del servidor NTP del dispositivo de cámara IP no es comprobada con un parámetro especial. Unos atacantes remotos pueden llevar a cabo un ataque de inyección de comandos y ejecutar comandos arbitrarios después de iniciar sesión con el permiso privilegiado
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-04-06 CVE Reserved
- 2021-04-28 CVE Published
- 2024-09-17 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e | Third Party Advisory | |
| https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388 | Third Party Advisory | |
| https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf | 2021-05-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Meritlilin Search vendor "Meritlilin" | P2r8852e2 Firmware Search vendor "Meritlilin" for product "P2r8852e2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r8852e2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r8852e2 Search vendor "Meritlilin" for product "P2r8852e2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r8852e4 Firmware Search vendor "Meritlilin" for product "P2r8852e4 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r8852e4 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r8852e4 Search vendor "Meritlilin" for product "P2r8852e4" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6852e2 Firmware Search vendor "Meritlilin" for product "P2r6852e2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6852e2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6852e2 Search vendor "Meritlilin" for product "P2r6852e2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6852e4 Firmware Search vendor "Meritlilin" for product "P2r6852e4 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6852e4 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6852e4 Search vendor "Meritlilin" for product "P2r6852e4" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6552e2 Firmware Search vendor "Meritlilin" for product "P2r6552e2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6552e2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6552e2 Search vendor "Meritlilin" for product "P2r6552e2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6552e4 Firmware Search vendor "Meritlilin" for product "P2r6552e4 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6552e4 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6552e4 Search vendor "Meritlilin" for product "P2r6552e4" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6352ae2 Firmware Search vendor "Meritlilin" for product "P2r6352ae2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6352ae2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6352ae2 Search vendor "Meritlilin" for product "P2r6352ae2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6352ae4 Firmware Search vendor "Meritlilin" for product "P2r6352ae4 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6352ae4 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6352ae4 Search vendor "Meritlilin" for product "P2r6352ae4" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r3052ae2 Firmware Search vendor "Meritlilin" for product "P2r3052ae2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r3052ae2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r3052ae2 Search vendor "Meritlilin" for product "P2r3052ae2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2g1052 Firmware Search vendor "Meritlilin" for product "P2g1052 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2g1052 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2g1052 Search vendor "Meritlilin" for product "P2g1052" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r8822e2 Firmware Search vendor "Meritlilin" for product "P2r8822e2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r8822e2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r8822e2 Search vendor "Meritlilin" for product "P2r8822e2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r8822e4 Firmware Search vendor "Meritlilin" for product "P2r8822e4 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r8822e4 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r8822e4 Search vendor "Meritlilin" for product "P2r8822e4" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6822e2 Firmware Search vendor "Meritlilin" for product "P2r6822e2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6822e2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6822e2 Search vendor "Meritlilin" for product "P2r6822e2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6822e4 Firmware Search vendor "Meritlilin" for product "P2r6822e4 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6822e4 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6822e4 Search vendor "Meritlilin" for product "P2r6822e4" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6522e2 Firmware Search vendor "Meritlilin" for product "P2r6522e2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6522e2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6522e2 Search vendor "Meritlilin" for product "P2r6522e2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6522e4 Firmware Search vendor "Meritlilin" for product "P2r6522e4 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6522e4 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6522e4 Search vendor "Meritlilin" for product "P2r6522e4" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6322ae2 Firmware Search vendor "Meritlilin" for product "P2r6322ae2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6322ae2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6322ae2 Search vendor "Meritlilin" for product "P2r6322ae2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r6322ae4 Firmware Search vendor "Meritlilin" for product "P2r6322ae4 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r6322ae4 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r6322ae4 Search vendor "Meritlilin" for product "P2r6322ae4" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2r3022ae2 Firmware Search vendor "Meritlilin" for product "P2r3022ae2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2r3022ae2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2r3022ae2 Search vendor "Meritlilin" for product "P2r3022ae2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2g1022 Firmware Search vendor "Meritlilin" for product "P2g1022 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2g1022 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2g1022 Search vendor "Meritlilin" for product "P2g1022" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P2g1022x Firmware Search vendor "Meritlilin" for product "P2g1022x Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P2g1022x Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P2g1022x Search vendor "Meritlilin" for product "P2g1022x" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r8852ax Firmware Search vendor "Meritlilin" for product "Z2r8852ax Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r8852ax Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r8852ax Search vendor "Meritlilin" for product "Z2r8852ax" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r8152x-p Firmware Search vendor "Meritlilin" for product "Z2r8152x-p Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r8152x-p Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r8152x-p Search vendor "Meritlilin" for product "Z2r8152x-p" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r8152x2-p Firmware Search vendor "Meritlilin" for product "Z2r8152x2-p Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r8152x2-p Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r8152x2-p Search vendor "Meritlilin" for product "Z2r8152x2-p" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r8052ex25 Firmware Search vendor "Meritlilin" for product "Z2r8052ex25 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r8052ex25 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r8052ex25 Search vendor "Meritlilin" for product "Z2r8052ex25" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r6552x Firmware Search vendor "Meritlilin" for product "Z2r6552x Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r6552x Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r6552x Search vendor "Meritlilin" for product "Z2r6552x" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r6452ax Firmware Search vendor "Meritlilin" for product "Z2r6452ax Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r6452ax Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r6452ax Search vendor "Meritlilin" for product "Z2r6452ax" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r6452ax-p Firmware Search vendor "Meritlilin" for product "Z2r6452ax-p Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r6452ax-p Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r6452ax-p Search vendor "Meritlilin" for product "Z2r6452ax-p" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r8822ax Firmware Search vendor "Meritlilin" for product "Z2r8822ax Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r8822ax Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r8822ax Search vendor "Meritlilin" for product "Z2r8822ax" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r8122x-p Firmware Search vendor "Meritlilin" for product "Z2r8122x-p Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r8122x-p Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r8122x-p Search vendor "Meritlilin" for product "Z2r8122x-p" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r8122x2-p Firmware Search vendor "Meritlilin" for product "Z2r8122x2-p Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r8122x2-p Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r8122x2-p Search vendor "Meritlilin" for product "Z2r8122x2-p" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r8022ex25 Firmware Search vendor "Meritlilin" for product "Z2r8022ex25 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r8022ex25 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r8022ex25 Search vendor "Meritlilin" for product "Z2r8022ex25" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r6522x Firmware Search vendor "Meritlilin" for product "Z2r6522x Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r6522x Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r6522x Search vendor "Meritlilin" for product "Z2r6522x" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r6422ax Firmware Search vendor "Meritlilin" for product "Z2r6422ax Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r6422ax Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r6422ax Search vendor "Meritlilin" for product "Z2r6422ax" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z2r6422ax-p Firmware Search vendor "Meritlilin" for product "Z2r6422ax-p Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z2r6422ax-p Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z2r6422ax-p Search vendor "Meritlilin" for product "Z2r6422ax-p" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P3r6322e2 Firmware Search vendor "Meritlilin" for product "P3r6322e2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P3r6322e2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P3r6322e2 Search vendor "Meritlilin" for product "P3r6322e2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P3r6522e2 Firmware Search vendor "Meritlilin" for product "P3r6522e2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P3r6522e2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P3r6522e2 Search vendor "Meritlilin" for product "P3r6522e2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | P3r8822e2 Firmware Search vendor "Meritlilin" for product "P3r8822e2 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "P3r8822e2 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | P3r8822e2 Search vendor "Meritlilin" for product "P3r8822e2" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z3r6422x3 Firmware Search vendor "Meritlilin" for product "Z3r6422x3 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z3r6422x3 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z3r6422x3 Search vendor "Meritlilin" for product "Z3r6422x3" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z3r6522x Firmware Search vendor "Meritlilin" for product "Z3r6522x Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z3r6522x Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z3r6522x Search vendor "Meritlilin" for product "Z3r6522x" | - | - |
Safe
|
| Meritlilin Search vendor "Meritlilin" | Z3r8922x3 Firmware Search vendor "Meritlilin" for product "Z3r8922x3 Firmware" | < 7.1.94.8908 Search vendor "Meritlilin" for product "Z3r8922x3 Firmware" and version " < 7.1.94.8908" | - |
Affected
| in | Meritlilin Search vendor "Meritlilin" | Z3r8922x3 Search vendor "Meritlilin" for product "Z3r8922x3" | - | - |
Safe
|