Page 2 of 16 results (0.003 seconds)

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 1

17 Sep 2018 — An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. Existe una vulnerabilidad explotable de desbordamiento de búfer en el cliente DDNS empleado por Foscam C1 Indoor HD Camera ejecutando el firmware de aplicación 2.52.2.43. En dispositivos con DDNS habil... • https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0357 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

17 Sep 2018 — An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 can allow for a user to retrieve sensitive information without authentication. Existe una vulnerabilidad de divulgación de información en la interfaz Multi-Camera empleada por Foscam C1 Indoor HD Camera ejecutando el firmware de aplicación 2.52.2.43. Una petición especialmente manipulada en el puerto 10001 puede ... • https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0381 •

CVSS: 7.5EPSS: 0%CPEs: 102EXPL: 1

09 Jul 2018 — Directory traversal vulnerability in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earli... • https://blog.vdoo.com/2018/06/06/vdoo-has-found-major-vulnerabilities-in-foscam-cameras • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 1%CPEs: 102EXPL: 1

09 Jul 2018 — Stack-based buffer overflow in the getSWFlag function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4... • https://blog.vdoo.com/2018/06/06/vdoo-has-found-major-vulnerabilities-in-foscam-cameras • CWE-787: Out-of-bounds Write •

CVSS: 9.0EPSS: 1%CPEs: 102EXPL: 1

09 Jul 2018 — The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 ... • https://blog.vdoo.com/2018/06/06/vdoo-has-found-major-vulnerabilities-in-foscam-cameras • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 1

17 Apr 2018 — Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. An attacker who is in the same subnetwork of the camera or has remote administrator access can fully compromise the device by performing a firmware recovery using a custom image. Existen comprobaciones de seguridad insuficientes en el procedimiento de recuperación empleado por Foscam C1 Indoor HD Camera ejecutando el firmware de aplicación 2.52.2.43. Un atacante que est... • https://talosintelligence.com/vulnerability_reports/TALOS-2017-0378 • CWE-287: Improper Authentication •