PT-2018-7201 · Foscam · Foscam C1 Indoor Hd Camera

Publicado

2018-04-24

Atualizado

2022-06-07

CVE-2017-2832

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Foscam C1 Indoor HD Camera version 2.52.2.37

Description: A command injection issue exists in the web management interface of the affected device. It allows an attacker to inject arbitrary shell characters during a password change, resulting in command injection. This can be triggered by sending a specially crafted HTTP request to the device.

Recommendations: For version 2.52.2.37, consider restricting access to the web management interface until a fix is available. As a temporary workaround, avoid using the password change functionality in the web management interface to minimize the risk of exploitation.

Exploit

Correção

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-77

Identificadores relacionados

CVE-2017-2832

Produtos afetados

Foscam C1 Indoor Hd Camera

PT-2018-7201 · Foscam · Foscam C1 Indoor Hd Camera

CVE-2017-2832

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4