CVE-2017-2829

An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause the application to read a file from disk but a failure to adequately filter characters results in allowing an attacker to specify a file outside of a directory. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37:*:*:*:*:*:*:*
cpe:2.3:h:foscam:c1_indoor_hd_camera:-:*:*:*:*:*:*:*

Information

Published : 2017-06-21 06:29

Updated : 2022-06-07 10:40


NVD link : CVE-2017-2829

Mitre link : CVE-2017-2829


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

foscam

  • c1_indoor_hd_camera
  • c1_indoor_hd_camera_firmware