Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2017-06-29 CVE-2017-2850 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username change, which in turn allows for bypassing chroot restrictions in the FTP server.
network
low complexity
foscam CWE-78
8.8
2017-06-29 CVE-2017-2849 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during NTP server configuration resulting in command injection.
network
low complexity
foscam CWE-78
8.8
2017-06-29 CVE-2017-2848 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection.
network
low complexity
foscam CWE-78
8.8
2017-06-29 CVE-2017-2847 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection.
network
low complexity
foscam CWE-78
8.8
2017-06-29 CVE-2017-2846 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection.
network
low complexity
foscam CWE-78
8.8
2017-06-29 CVE-2017-2845 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37.
network
low complexity
foscam CWE-78
8.8
2017-06-29 CVE-2017-2844 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution.
network
low complexity
foscam CWE-78
8.8
2017-06-27 CVE-2017-2843 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution.
network
low complexity
foscam CWE-78
8.8
2017-06-27 CVE-2017-2842 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution.
network
low complexity
foscam CWE-78
8.8
2017-06-27 CVE-2017-2841 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37.
network
low complexity
foscam CWE-78
8.8