Full title: ABUS Security Camera TVIP 20000-21150 LFI / Remote Code Execution Vulnerability 
Category: web applications
Platform: hardware
ABUS Security Camera version TVIP 20000-21150 suffers from local file inclusion, hardcoded credential, and command injection vulnerabilities. When coupled together, they can be leveraged to achieve remote access as root via ssh.

# 0day.today @ http://0day.today/