PT-2018-7208 · Foscam · Foscam C1 Indoor Hd Camera

Published

2018-09-17

Updated

2022-06-07

CVE-2017-2856

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Foscam C1 Indoor HD Camera version 2.52.2.43

Description: A buffer overflow issue exists in the DDNS client of the affected device. When DDNS is enabled, an attacker intercepting HTTP connections can fully compromise the device by setting up a rogue HTTP server.

Recommendations: For Foscam C1 Indoor HD Camera version 2.52.2.43, consider disabling DDNS until a patch is available to prevent exploitation. Restrict access to the device when possible to minimize the risk of HTTP connection interception.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2017-2856

Affected Products

Foscam C1 Indoor Hd Camera

PT-2018-7208 · Foscam · Foscam C1 Indoor Hd Camera

CVE-2017-2856

Weakness Enumeration

Related Identifiers

Affected Products

References · 4