PT-2018-7209 · Foscam · Foscam C1 Indoor Hd Camera

Published

2018-09-17

Updated

2022-06-07

CVE-2017-2857

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Foscam C1 Indoor HD Camera version 2.52.2.43

Description: A buffer overflow issue exists in the DDNS client of the Foscam C1 Indoor HD Camera. When DDNS is enabled, an attacker who can intercept HTTP connections can fully compromise the device by setting up a rogue HTTP server.

Recommendations: For Foscam C1 Indoor HD Camera version 2.52.2.43, consider disabling the DDNS feature until a patch is available to prevent exploitation. Restrict access to the device when DDNS is enabled to minimize the risk of compromise.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2017-2857

Affected Products

Foscam C1 Indoor Hd Camera

PT-2018-7209 · Foscam · Foscam C1 Indoor Hd Camera

CVE-2017-2857

Weakness Enumeration

Related Identifiers

Affected Products

References · 4