Vulnerabilities > Foscam
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-17 | CVE-2017-2871 | Improper Authentication vulnerability in Foscam C1 Firmware 2.52.2.43 Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 8.8 |
| 2017-06-29 | CVE-2017-2851 | Classic Buffer Overflow vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can cause a buffer overflow. | 7.2 |
| 2017-06-29 | CVE-2017-2850 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username change, which in turn allows for bypassing chroot restrictions in the FTP server. | 8.8 |
| 2017-06-29 | CVE-2017-2849 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during NTP server configuration resulting in command injection. | 8.8 |
| 2017-06-29 | CVE-2017-2848 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. | 8.8 |
| 2017-06-29 | CVE-2017-2847 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. | 8.8 |
| 2017-06-29 | CVE-2017-2846 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. | 8.8 |
| 2017-06-29 | CVE-2017-2845 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. | 8.8 |
| 2017-06-29 | CVE-2017-2844 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. | 8.8 |
| 2017-06-27 | CVE-2017-2843 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. | 8.8 |