Vulnerabilities

CVE-2021-33543

September 27, 2021

Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings.

Summary:

Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings.

Reference Links(if available):

https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/

https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

Tags: CONFIRM, CVE, CVE-2021-33543, exploit, vulnerability

CVE-2021-33543

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

CACTUS Ransomware Victim: https://www[.]ebir[.]com/

CACTUS Ransomware Victim: https://www[.]concordegroup[.]ca/

CACTUS Ransomware Victim: https://www[.]coastalcargogroup[.]com/

CACTUS Ransomware Victim: https://www[.]saglobal[.]com/

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

CACTUS Ransomware Victim: https://www[.]ebir[.]com/

CACTUS Ransomware Victim: https://www[.]concordegroup[.]ca/

CACTUS Ransomware Victim: https://www[.]coastalcargogroup[.]com/

CACTUS Ransomware Victim: https://www[.]saglobal[.]com/