PT-2018-7206 · Foscam · Foscam C1 Indoor Hd Camera

Published

2018-09-17

Updated

2022-06-07

CVE-2017-2854

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Foscam C1 Indoor HD Camera version 2.52.2.43

Description: A buffer overflow issue exists in the DDNS client of the affected device. This can be exploited by an attacker who intercepts HTTP connections, allowing them to fully compromise the device by setting up a rogue HTTP server.

Recommendations: For version 2.52.2.43, consider disabling the DDNS client as a temporary workaround until a patch is available. Restrict access to the device's HTTP server to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2017-2854

Affected Products

Foscam C1 Indoor Hd Camera

PT-2018-7206 · Foscam · Foscam C1 Indoor Hd Camera

CVE-2017-2854

Weakness Enumeration

Related Identifiers

Affected Products

References · 3