PT-2018-14782 · Foscam+1 · Foscam C2+1
Harry Sintonen
·
Published
2018-11-07
·
Updated
2018-12-11
·
CVE-2018-19069
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Foscam C2 versions System Firmware 1.11.1.8 and Application Firmware 2.72.1.32
Opticam i5 versions System Firmware 1.5.2.11 and Application Firmware 2.21.1.128
Description
An issue was discovered related to the CGIProxy.fcgi feature, specifically the "cmd=setTelnetSwitch" endpoint, which is authorized for the root user with a default password of
toor.Recommendations
For Foscam C2 versions System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, consider changing the default root password from
toor to a secure password.
For Opticam i5 versions System Firmware 1.5.2.11 and Application Firmware 2.21.1.128, consider changing the default root password from toor to a secure password.
As a temporary workaround, consider disabling the CGIProxy.fcgi?cmd=setTelnetSwitch feature until a patch is available.Exploit
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foscam C2
Opticam I5