Zavio Camera NTP Server OS Command Injection Exploit

The Zavio F3105 IP camera is vulnerable to OS command injection when the /opt/cgi/view/param binary parses the General.Time.NTP.Server configuration parameter. This vulnerability allows authenticated users to execute arbitrary code on the affected cameras.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2013-2570
Product Version: 
2013_R2
Released Date: 
Friday, November 29, 2013 - 00:00