PT-2026-20528 · Foscam · Bosch Video Management System

Chuyreds

Published

2026-02-18

Updated

2026-02-18

CVE-2019-25353

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Foscam Video Management System version 1.1.4.9

Description The Foscam Video Management System is susceptible to a denial of service condition. An attacker can cause the application to crash by providing a specially crafted input to the username field. Specifically, overwriting the username with a 520-byte buffer of repeated 'A' characters during device login triggers the application crash. The vulnerable parameter is username.

Recommendations Update to a newer version of Foscam Video Management System that addresses this issue. As a temporary workaround, limit the length of the username input field to prevent the submission of oversized input.

Exploit

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2019-25353

Affected Products

Bosch Video Management System

PT-2026-20528 · Foscam · Bosch Video Management System

CVE-2019-25353

Weakness Enumeration

Related Identifiers

Affected Products

References · 5