PT-2018-14784 · Opticam+1 · Opticam I5 Application Firmware+3

Harry Sintonen

·

Published

2018-11-07

·

Updated

2019-10-03

·

CVE-2018-19071

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Foscam C2 versions 1.11.1.8 Foscam C2 Application Firmware versions 2.72.1.32 Opticam i5 versions 1.5.2.11 Opticam i5 Application Firmware versions 2.21.1.128
Description An issue was discovered that allows local users to control the commands executed at system start-up due to the /mnt/mtd/boot.sh file having 0777 permissions.
Recommendations For Foscam C2 version 1.11.1.8, change the permissions of the /mnt/mtd/boot.sh file to prevent local users from modifying it. For Foscam C2 Application Firmware version 2.72.1.32, update the firmware to a version that sets proper permissions for the /mnt/mtd/boot.sh file. For Opticam i5 version 1.5.2.11, change the permissions of the /mnt/mtd/boot.sh file to prevent local users from modifying it. For Opticam i5 Application Firmware version 2.21.1.128, update the firmware to a version that sets proper permissions for the /mnt/mtd/boot.sh file.

Exploit

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2018-19071

Affected Products

Foscam C2
Foscam C2 Application Firmware
Opticam I5
Opticam I5 Application Firmware