CVSS: 8.8EPSS: 7%CPEs: 2EXPL: 1CVE-2017-2873
https://notcve.org/view.php?id=CVE-2017-2873
19 Sep 2018 — An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SoftAP configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability. Existe una vulnerabilidad de inyección de comandos en la interfaz de gestión web empleada por Foscam C1... • https://talosintelligence.com/vulnerability_reports/TALOS-2017-0380 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2876
https://notcve.org/view.php?id=CVE-2017-2876
19 Sep 2018 — An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. Existe una vulnerabilidad explotable de desbordamiento de búfer en la interfaz Multi-Camera utilizada por los dispositivos Foscam C1 Indoor HD Camera que ejecuten el firmware de aplicación 2.52.2.43. Una petición especialmente manipulada en... • https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0383 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2877
https://notcve.org/view.php?id=CVE-2017-2877
19 Sep 2018 — A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication. Falta una comprobación de error en la interfaz Multi-Camera utilizada por los dispositivos Foscam C1 Indoor HD Camera que ejecuten el firmware de aplicación 2.52.2.43. Una petición especialmente manipulada en el puerto 10001 podría perm... • https://talosintelligence.com/vulnerability_reports/TALOS-2017-0384 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 1CVE-2017-2878
https://notcve.org/view.php?id=CVE-2017-2878
19 Sep 2018 — An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability. Existe una vulnerabilidad explotable de desbordamiento de búfer en la interfaz de gestión web empleada por Foscam C1 Indoor HD Camera ejecutando el firmware d... • https://talosintelligence.com/vulnerability_reports/TALOS-2017-0385 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2879
https://notcve.org/view.php?id=CVE-2017-2879
19 Sep 2018 — An exploitable buffer overflow vulnerability exists in the UPnP implementation used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted UPnP discovery response can cause a buffer overflow resulting in overwriting arbitrary data. An attacker needs to be in the same subnetwork and reply to a discovery message to trigger this vulnerability. Existe una vulnerabilidad explotable de desbordamiento de búfer en la implementación UPnP utilizada por los dispositivos Foscam C1... • https://talosintelligence.com/vulnerability_reports/TALOS-2017-0386 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2855
https://notcve.org/view.php?id=CVE-2017-2855
19 Sep 2018 — An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. Existe una vulnerabilidad explotable de desbordamiento de búfer en el cliente DDNS utilizado por los dispositivos Foscam C1 Indoor HD Camera que ejecuten el firmware de aplicación 2.52.2.43. En disposi... • https://talosintelligence.com/vulnerability_reports/TALOS-2017-0358 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2875
https://notcve.org/view.php?id=CVE-2017-2875
19 Sep 2018 — An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. Existe una vulnerabilidad explotable de desbordamiento de búfer en la interfaz Multi-Camera utilizada por los dispositivos Foscam C1 Indoor HD Camera que ejecuten el firmware de aplicación 2.52.2.43. Una petición especialmente manipulada en... • https://talosintelligence.com/vulnerability_reports/TALOS-2017-0382 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2857
https://notcve.org/view.php?id=CVE-2017-2857
17 Sep 2018 — An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. Existe una vulnerabilidad explotable de desbordamiento de búfer en el cliente DDNS empleado por Foscam C1 Indoor HD Camera ejecutando el firmware de aplicación 2.52.2.43. En dispositivos con DDNS habil... • https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0360 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2872
https://notcve.org/view.php?id=CVE-2017-2872
17 Sep 2018 — Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A HTTP request can allow for a user to perform a firmware upgrade using a crafted image. Before any firmware upgrades in this image are flashed to the device, binaries as well as arguments to shell commands contained in the image are executed with elevated privileges. Existen comprobaciones de seguridad insuficientes en el procedimiento de recuperación empleado por Fosc... • https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0379 • CWE-287: Improper Authentication •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2856
https://notcve.org/view.php?id=CVE-2017-2856
17 Sep 2018 — An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. Existe una vulnerabilidad explotable de desbordamiento de búfer en el cliente DDNS empleado por Foscam C1 Indoor HD Camera ejecutando el firmware de aplicación 2.52.2.43. En dispositivos con DDNS habil... • https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0359 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •