An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the commands executed at system start-up.
References
Link | Resource |
---|---|
https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Information
Published : 2018-11-07 10:29
Updated : 2019-10-02 17:03
NVD link : CVE-2018-19071
Mitre link : CVE-2018-19071
JSON object : View
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource
Products Affected
foscam
- c2_system_firmware
- c2_application_firmware
- c2
opticam
- i5_application_firmware
- i5
- i5_system_firmware