Vulnerabilities > Foscam

DATE CVE VULNERABILITY TITLE RISK
2017-06-27 CVE-2017-2842 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution.
network
low complexity
foscam CWE-78
6.5
6.5
2017-06-27 CVE-2017-2841 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37.
network
low complexity
foscam CWE-78
6.5
6.5
2017-06-21 CVE-2016-8731 Use of Hard-coded Credentials vulnerability in Foscam C1 Webcam Firmware 1.9.1.12
Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12.
network
low complexity
foscam CWE-798
critical
 9.8
9.8
2017-06-21 CVE-2017-2831 Classic Buffer Overflow vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37.
network
low complexity
foscam CWE-120
5.0
5.0
2017-06-21 CVE-2017-2830 Classic Buffer Overflow vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37.
network
low complexity
foscam CWE-120
5.0
5.0
2017-06-21 CVE-2017-2829 Path Traversal vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37.
network
low complexity
foscam CWE-22
4.0
4.0
2017-06-21 CVE-2017-2828 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37.
network
low complexity
foscam CWE-78
6.5
6.5
2017-06-21 CVE-2017-2827 OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37.
network
low complexity
foscam CWE-78
6.5
6.5
2017-06-21 CVE-2017-2805 Out-of-bounds Write vulnerability in Foscam C1 HD Indoor Camera Firmware 1.9.3.17
An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera.
network
low complexity
foscam CWE-787
critical
 9.8
9.8
2017-04-10 CVE-2017-7648 Use of Hard-coded Credentials vulnerability in Foscam products
Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
network
foscam CWE-798
4.3
4.3