CVE-2014-1911
https://notcve.org/view.php?id=CVE-2014-1911
The Foscam FI8910W camera with firmware before 11.37.2.55 allows remote attackers to obtain sensitive video and image data via a blank username and password. La camera Foscam FI8910W con firmware anterior a 11.37.2.55 permite a atacantes remotos obtener datos sensibles de vídeo e imágenes a través de un nombre de usuario y una contraseña en blanco. • http://foscam.us/forum/mjpeg-54-firmware-bug-user-logon-bypass-t8442.html http://www.kb.cert.org/vuls/id/525132 • CWE-287: Improper Authentication •
CVE-2013-2560 – Foscam < 11.37.2.49 - Directory Traversal
https://notcve.org/view.php?id=CVE-2013-2560
Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37.2.49 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials. Vulnerabilidad de salto de directorio en la interfaz web en dispositivos Foscam con firmware anterior a v11.37.2.49 que permite a atacantes remotos leer ficheros a través de .. (punto punto) en la URI, se ha demostrado descubriendo (1) credenciales web o (2) credenciales Wi-Fi. Foscam firmware versions 11.37.2.48 and below suffer from a path traversal vulnerability. • https://www.exploit-db.com/exploits/38356 http://archives.neohapsis.com/archives/bugtraq/2013-03/0080.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •