Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Foscam Subscribe
Total 65 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-2805 1 Foscam 2 C1 Hd Indoor Camera, C1 Hd Indoor Camera Firmware 2023-01-27 7.5 HIGH 9.8 CRITICAL
An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera. A specially crafted http request can cause a stack-based buffer overflow resulting in overwriting arbitrary data on the stack frame. An attacker can simply send an http request to the device to trigger this vulnerability.
CVE-2016-8731 1 Foscam 2 C1 Webcam, C1 Webcam Firmware 2022-12-14 7.5 HIGH 9.8 CRITICAL
Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device.
CVE-2017-2827 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-13 6.5 MEDIUM 8.8 HIGH
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during account creation resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2829 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 4.0 MEDIUM 6.5 MEDIUM
An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause the application to read a file from disk but a failure to adequately filter characters results in allowing an attacker to specify a file outside of a directory. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2830 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 5.0 MEDIUM 7.5 HIGH
An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2851 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.0 MEDIUM 7.2 HIGH
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can cause a buffer overflow.
CVE-2017-2850 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.5 MEDIUM 8.8 HIGH
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username change, which in turn allows for bypassing chroot restrictions in the FTP server. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2847 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.5 MEDIUM 8.8 HIGH
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2848 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.5 MEDIUM 8.8 HIGH
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2849 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.5 MEDIUM 8.8 HIGH
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during NTP server configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2844 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.5 MEDIUM 8.8 HIGH
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2843 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.5 MEDIUM 8.8 HIGH
In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2842 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.5 MEDIUM 8.8 HIGH
In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2846 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.5 MEDIUM 8.8 HIGH
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2845 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.5 MEDIUM 8.8 HIGH
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SMTP configuration tests resulting in command execution
CVE-2017-2831 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 5.0 MEDIUM 7.5 HIGH
An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2841 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2022-06-07 6.5 MEDIUM 8.8 HIGH
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2872 1 Foscam 2 C1, C1 Firmware 2022-06-07 9.0 HIGH 7.2 HIGH
Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A HTTP request can allow for a user to perform a firmware upgrade using a crafted image. Before any firmware upgrades in this image are flashed to the device, binaries as well as arguments to shell commands contained in the image are executed with elevated privileges.
CVE-2017-2856 1 Foscam 2 C1, C1 Firmware 2022-06-07 9.3 HIGH 8.1 HIGH
An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server.
CVE-2017-2857 1 Foscam 2 C1, C1 Firmware 2022-06-07 9.3 HIGH 8.1 HIGH
An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server.