Search criteria
21 vulnerabilities found for c1 by foscam
VAR-201704-1458
Vulnerability from variot - Updated: 2025-04-20 23:22Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1458",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1 lite",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "c2",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9800xe",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9828p",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9851p",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9853ep",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9901ep",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9903p",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9928p",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "r2",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "r2",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9826p",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "c1 lite",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9903p",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9800xe",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9828p",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9901ep",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9851p",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "c2",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "c1",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9928p",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9853ep",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "c1",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "fi9826p",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:foscam:c1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:c1_lite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:c2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:fi9800xe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:fi9826p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:fi9828p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:fi9851p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:fi9853ep",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:fi9901ep",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:fi9903p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:fi9928p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:foscam:r2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
}
]
},
"cve": "CVE-2017-7648",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-7648",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-7648",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7648",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-7648",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-468",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-7648",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "VULMON",
"id": "CVE-2017-7648"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7648",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-7648",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
}
]
},
"id": "VAR-201704-1458",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5572390533333333
},
"last_update_date": "2025-04-20T23:22:23.021000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.foscam.com/"
},
{
"title": "CVE-2017-7648.",
"trust": 0.1,
"url": "https://github.com/notmot/CVE-2017-7648. "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7648"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7648"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/notmot/cve-2017-7648."
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-10T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"date": "2017-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"date": "2017-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-468"
},
{
"date": "2017-04-10T19:59:00.297000",
"db": "NVD",
"id": "CVE-2017-7648"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"date": "2017-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"date": "2017-09-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-468"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-7648"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam Vulnerability that breaks cryptographic protection mechanisms in network devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
],
"trust": 0.6
}
}
VAR-201809-0070
Vulnerability from variot - Updated: 2025-01-30 22:40An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. DDNSclient is one of the dynamic domain name service clients
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0070",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34263"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014273"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-423"
},
{
"db": "NVD",
"id": "CVE-2017-2857"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014273"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-423"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2857",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-2857",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2017-34263",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-111060",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-2857",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-2857",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2857",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2857",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2857",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34263",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-423",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111060",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34263"
},
{
"db": "VULHUB",
"id": "VHN-111060"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014273"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-423"
},
{
"db": "NVD",
"id": "CVE-2017-2857"
},
{
"db": "NVD",
"id": "CVE-2017-2857"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. DDNSclient is one of the dynamic domain name service clients",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2857"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014273"
},
{
"db": "CNVD",
"id": "CNVD-2017-34263"
},
{
"db": "VULHUB",
"id": "VHN-111060"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2857",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2017-0360",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014273",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-423",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34263",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96858",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111060",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34263"
},
{
"db": "VULHUB",
"id": "VHN-111060"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014273"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-423"
},
{
"db": "NVD",
"id": "CVE-2017-2857"
}
]
},
"id": "VAR-201809-0070",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34263"
},
{
"db": "VULHUB",
"id": "VHN-111060"
}
],
"trust": 1.7761904666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34263"
}
]
},
"last_update_date": "2025-01-30T22:40:12.513000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.foscam.com/downloads/index.html"
},
{
"title": "Patch for FoscamC1IndoorHDCameraDDNS Client Buffer Overflow Vulnerability (CNVD-2017-34263)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106249"
},
{
"title": "Foscam C1 Indoor HD Camera DDNS Fixes for client buffer error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76291"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34263"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014273"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-423"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111060"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014273"
},
{
"db": "NVD",
"id": "CVE-2017-2857"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0360"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2857"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2857"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/reports/talos-2017-0360/"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0360"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34263"
},
{
"db": "VULHUB",
"id": "VHN-111060"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014273"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-423"
},
{
"db": "NVD",
"id": "CVE-2017-2857"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34263"
},
{
"db": "VULHUB",
"id": "VHN-111060"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014273"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-423"
},
{
"db": "NVD",
"id": "CVE-2017-2857"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34263"
},
{
"date": "2018-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-111060"
},
{
"date": "2018-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014273"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-423"
},
{
"date": "2018-09-17T20:29:00.650000",
"db": "NVD",
"id": "CVE-2017-2857"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34263"
},
{
"date": "2018-11-19T00:00:00",
"db": "VULHUB",
"id": "VHN-111060"
},
{
"date": "2018-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014273"
},
{
"date": "2022-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-423"
},
{
"date": "2024-11-21T03:24:20.307000",
"db": "NVD",
"id": "CVE-2017-2857"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-423"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014273"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-423"
}
],
"trust": 0.6
}
}
VAR-201809-0081
Vulnerability from variot - Updated: 2025-01-30 22:27An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. DDNSclient is one of the dynamic domain name service clients
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0081",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34262"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014272"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-422"
},
{
"db": "NVD",
"id": "CVE-2017-2856"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014272"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-422"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2856",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-2856",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2017-34262",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-111059",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-2856",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-2856",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2856",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2856",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2856",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34262",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-422",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111059",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34262"
},
{
"db": "VULHUB",
"id": "VHN-111059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014272"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-422"
},
{
"db": "NVD",
"id": "CVE-2017-2856"
},
{
"db": "NVD",
"id": "CVE-2017-2856"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. DDNSclient is one of the dynamic domain name service clients",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2856"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014272"
},
{
"db": "CNVD",
"id": "CNVD-2017-34262"
},
{
"db": "VULHUB",
"id": "VHN-111059"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2856",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2017-0359",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014272",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-422",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34262",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96855",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111059",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34262"
},
{
"db": "VULHUB",
"id": "VHN-111059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014272"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-422"
},
{
"db": "NVD",
"id": "CVE-2017-2856"
}
]
},
"id": "VAR-201809-0081",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34262"
},
{
"db": "VULHUB",
"id": "VHN-111059"
}
],
"trust": 1.7761904666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34262"
}
]
},
"last_update_date": "2025-01-30T22:27:59.146000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.foscam.com/downloads/index.html"
},
{
"title": "Patch for FoscamC1IndoorHDCameraDDNS Client Buffer Overflow Vulnerability (CNVD-2017-34262)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106248"
},
{
"title": "Foscam C1 Indoor HD Camera DDNS Fixes for client buffer error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76290"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34262"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014272"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-422"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014272"
},
{
"db": "NVD",
"id": "CVE-2017-2856"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0359"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2856"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2856"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/reports/talos-2017-0359/"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0359"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34262"
},
{
"db": "VULHUB",
"id": "VHN-111059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014272"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-422"
},
{
"db": "NVD",
"id": "CVE-2017-2856"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34262"
},
{
"db": "VULHUB",
"id": "VHN-111059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014272"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-422"
},
{
"db": "NVD",
"id": "CVE-2017-2856"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34262"
},
{
"date": "2018-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-111059"
},
{
"date": "2018-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014272"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-422"
},
{
"date": "2018-09-17T20:29:00.523000",
"db": "NVD",
"id": "CVE-2017-2856"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34262"
},
{
"date": "2018-11-19T00:00:00",
"db": "VULHUB",
"id": "VHN-111059"
},
{
"date": "2018-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014272"
},
{
"date": "2022-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-422"
},
{
"date": "2024-11-21T03:24:20.193000",
"db": "NVD",
"id": "CVE-2017-2856"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-422"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014272"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-422"
}
],
"trust": 0.6
}
}
VAR-201804-0579
Vulnerability from variot - Updated: 2025-01-30 21:29An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters resulting in command injection during the boot process. To trigger this vulnerability, an attacker needs to send an HTTP request and reboot the device. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. Foscam IP Video Camera is prone to multiple command-injection vulnerabilities. Exploiting these issues could allow an attacker to execute arbitrary commands in context of the affected device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0579",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 1.6,
"vendor": "foscam",
"version": "2.52.2.37"
},
{
"model": "c1 indoor hd camera",
"scope": "eq",
"trust": 0.8,
"vendor": "foscam",
"version": "2.52.2.37"
},
{
"model": "c1 indoor hd camera",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "0"
},
{
"model": "ip video camera",
"scope": "eq",
"trust": 0.3,
"vendor": "foscam",
"version": "1.9.3.17"
},
{
"model": "ip video camera",
"scope": "ne",
"trust": 0.3,
"vendor": "foscam",
"version": "2.0.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10136"
},
{
"db": "BID",
"id": "99184"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013356"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1370"
},
{
"db": "NVD",
"id": "CVE-2017-2833"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_indoor_hd_camera_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013356"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cory Duplantis, Claudio Bozzato and another member of Cisco Talos.",
"sources": [
{
"db": "BID",
"id": "99184"
}
],
"trust": 0.3
},
"cve": "CVE-2017-2833",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "CVE-2017-2833",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2018-10136",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "VHN-111036",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2017-2833",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-2833",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-2833",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2833",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2833",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2833",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-10136",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-1370",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111036",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10136"
},
{
"db": "VULHUB",
"id": "VHN-111036"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013356"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1370"
},
{
"db": "NVD",
"id": "CVE-2017-2833"
},
{
"db": "NVD",
"id": "CVE-2017-2833"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters resulting in command injection during the boot process. To trigger this vulnerability, an attacker needs to send an HTTP request and reboot the device. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. Foscam IP Video Camera is prone to multiple command-injection vulnerabilities. \nExploiting these issues could allow an attacker to execute arbitrary commands in context of the affected device",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2833"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013356"
},
{
"db": "CNVD",
"id": "CNVD-2018-10136"
},
{
"db": "BID",
"id": "99184"
},
{
"db": "VULHUB",
"id": "VHN-111036"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2833",
"trust": 3.5
},
{
"db": "TALOS",
"id": "TALOS-2017-0334",
"trust": 2.5
},
{
"db": "BID",
"id": "99184",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013356",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1370",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-10136",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96498",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111036",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10136"
},
{
"db": "VULHUB",
"id": "VHN-111036"
},
{
"db": "BID",
"id": "99184"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013356"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1370"
},
{
"db": "NVD",
"id": "CVE-2017-2833"
}
]
},
"id": "VAR-201804-0579",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10136"
},
{
"db": "VULHUB",
"id": "VHN-111036"
}
],
"trust": 1.49642857
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10136"
}
]
},
"last_update_date": "2025-01-30T21:29:20.975000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/downloads/index.html"
},
{
"title": "Patch for FoscamC1IndoorHDCamera Command Injection Vulnerability (CNVD-2018-10136)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/130023"
},
{
"title": "Foscam C1 Indoor HD Camera Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79655"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10136"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013356"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1370"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-78",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111036"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013356"
},
{
"db": "NVD",
"id": "CVE-2017-2833"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0334"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/99184"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2833"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2833"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0334"
},
{
"trust": 0.3,
"url": "http://www.foscam.com/"
},
{
"trust": 0.3,
"url": "http://blog.talosintelligence.com/2017/06/foscam-vuln-details.html"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10136"
},
{
"db": "VULHUB",
"id": "VHN-111036"
},
{
"db": "BID",
"id": "99184"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013356"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1370"
},
{
"db": "NVD",
"id": "CVE-2017-2833"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10136"
},
{
"db": "VULHUB",
"id": "VHN-111036"
},
{
"db": "BID",
"id": "99184"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013356"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1370"
},
{
"db": "NVD",
"id": "CVE-2017-2833"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10136"
},
{
"date": "2018-04-24T00:00:00",
"db": "VULHUB",
"id": "VHN-111036"
},
{
"date": "2017-06-19T00:00:00",
"db": "BID",
"id": "99184"
},
{
"date": "2018-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013356"
},
{
"date": "2018-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-1370"
},
{
"date": "2018-04-24T19:29:02.377000",
"db": "NVD",
"id": "CVE-2017-2833"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10136"
},
{
"date": "2018-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-111036"
},
{
"date": "2017-06-19T00:00:00",
"db": "BID",
"id": "99184"
},
{
"date": "2018-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013356"
},
{
"date": "2022-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-1370"
},
{
"date": "2024-11-21T03:24:14.467000",
"db": "NVD",
"id": "CVE-2017-2833"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-1370"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera In OS Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013356"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-1370"
}
],
"trust": 0.6
}
}
VAR-201809-0077
Vulnerability from variot - Updated: 2025-01-30 21:28An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0077",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34270"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014286"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-430"
},
{
"db": "NVD",
"id": "CVE-2017-2878"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014286"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-430"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2878",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-2878",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-2878",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-34270",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-111081",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2878",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-2878",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-2878",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2878",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2878",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2878",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34270",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-430",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111081",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-2878",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34270"
},
{
"db": "VULHUB",
"id": "VHN-111081"
},
{
"db": "VULMON",
"id": "CVE-2017-2878"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014286"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-430"
},
{
"db": "NVD",
"id": "CVE-2017-2878"
},
{
"db": "NVD",
"id": "CVE-2017-2878"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2878"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014286"
},
{
"db": "CNVD",
"id": "CNVD-2017-34270"
},
{
"db": "VULHUB",
"id": "VHN-111081"
},
{
"db": "VULMON",
"id": "CVE-2017-2878"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2878",
"trust": 3.3
},
{
"db": "TALOS",
"id": "TALOS-2017-0385",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014286",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-430",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34270",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96861",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111081",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-2878",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34270"
},
{
"db": "VULHUB",
"id": "VHN-111081"
},
{
"db": "VULMON",
"id": "CVE-2017-2878"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014286"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-430"
},
{
"db": "NVD",
"id": "CVE-2017-2878"
}
]
},
"id": "VAR-201809-0077",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34270"
},
{
"db": "VULHUB",
"id": "VHN-111081"
}
],
"trust": 1.7761904666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34270"
}
]
},
"last_update_date": "2025-01-30T21:28:54.330000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/"
},
{
"title": "Patch for FoscamIPVideoCamera Buffer Overflow Vulnerability (CNVD-2017-34270)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106256"
},
{
"title": "Foscam IP Video Camera Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76298"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34270"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014286"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-430"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111081"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014286"
},
{
"db": "NVD",
"id": "CVE-2017-2878"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0385"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2878"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2878"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0385"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55996"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34270"
},
{
"db": "VULHUB",
"id": "VHN-111081"
},
{
"db": "VULMON",
"id": "CVE-2017-2878"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014286"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-430"
},
{
"db": "NVD",
"id": "CVE-2017-2878"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34270"
},
{
"db": "VULHUB",
"id": "VHN-111081"
},
{
"db": "VULMON",
"id": "CVE-2017-2878"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014286"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-430"
},
{
"db": "NVD",
"id": "CVE-2017-2878"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34270"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-111081"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2017-2878"
},
{
"date": "2018-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014286"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-430"
},
{
"date": "2018-09-19T16:29:00.647000",
"db": "NVD",
"id": "CVE-2017-2878"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34270"
},
{
"date": "2018-11-20T00:00:00",
"db": "VULHUB",
"id": "VHN-111081"
},
{
"date": "2018-11-20T00:00:00",
"db": "VULMON",
"id": "CVE-2017-2878"
},
{
"date": "2018-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014286"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-430"
},
{
"date": "2024-11-21T03:24:22.687000",
"db": "NVD",
"id": "CVE-2017-2878"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-430"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Application firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014286"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-430"
}
],
"trust": 0.6
}
}
VAR-201809-0074
Vulnerability from variot - Updated: 2025-01-30 21:09An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. ### Tested Versions * Foscam Indoor IP Camera C1 Series * System Firmware Version: 1.9.3.18 * Application Firmware Version: 2.52.2.43 * Plug-In Version: 3.3.0.26 ### Product URLs http://www.foscam.com/downloads/index.html ### CVSSv3 Score 8.8 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ### CWE CWE-121: Stack-based Buffer Overflow ### Details Foscam produces a series of IP-capable surveillance devices, network video recorders, and baby monitors for the end-user. Foscam produces a range of cameras for both indoor and outdoor use and with wireless capability. One of these models is the C1 series which contains a web-based user interface for management and is based on the arm architecture. Foscam is..
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0074",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34267"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014278"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-427"
},
{
"db": "NVD",
"id": "CVE-2017-2875"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014278"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-427"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2875",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-2875",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-34267",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-111078",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2875",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-2875",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-2875",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2875",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2875",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2875",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34267",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-427",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-111078",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34267"
},
{
"db": "VULHUB",
"id": "VHN-111078"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014278"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-427"
},
{
"db": "NVD",
"id": "CVE-2017-2875"
},
{
"db": "NVD",
"id": "CVE-2017-2875"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. ### Tested Versions * Foscam Indoor IP Camera C1 Series * System Firmware Version: 1.9.3.18 * Application Firmware Version: 2.52.2.43 * Plug-In Version: 3.3.0.26 ### Product URLs http://www.foscam.com/downloads/index.html ### CVSSv3 Score 8.8 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ### CWE CWE-121: Stack-based Buffer Overflow ### Details Foscam produces a series of IP-capable surveillance devices, network video recorders, and baby monitors for the end-user. Foscam produces a range of cameras for both indoor and outdoor use and with wireless capability. One of these models is the C1 series which contains a web-based user interface for management and is based on the arm architecture. Foscam is..",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2875"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014278"
},
{
"db": "CNVD",
"id": "CNVD-2017-34267"
},
{
"db": "VULHUB",
"id": "VHN-111078"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2875",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2017-0382",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014278",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-34267",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201711-427",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96863",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111078",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34267"
},
{
"db": "VULHUB",
"id": "VHN-111078"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014278"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-427"
},
{
"db": "NVD",
"id": "CVE-2017-2875"
}
]
},
"id": "VAR-201809-0074",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34267"
},
{
"db": "VULHUB",
"id": "VHN-111078"
}
],
"trust": 1.7761904666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34267"
}
]
},
"last_update_date": "2025-01-30T21:09:38.706000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/"
},
{
"title": "Patch for FoscamIPVideoCamera Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106253"
},
{
"title": "Foscam IP Video Camera Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76295"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34267"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014278"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-427"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111078"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014278"
},
{
"db": "NVD",
"id": "CVE-2017-2875"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0382"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2875"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2875"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0382"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34267"
},
{
"db": "VULHUB",
"id": "VHN-111078"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014278"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-427"
},
{
"db": "NVD",
"id": "CVE-2017-2875"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34267"
},
{
"db": "VULHUB",
"id": "VHN-111078"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014278"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-427"
},
{
"db": "NVD",
"id": "CVE-2017-2875"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34267"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-111078"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014278"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-427"
},
{
"date": "2018-09-19T16:29:00.550000",
"db": "NVD",
"id": "CVE-2017-2875"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34267"
},
{
"date": "2018-11-20T00:00:00",
"db": "VULHUB",
"id": "VHN-111078"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014278"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-427"
},
{
"date": "2024-11-21T03:24:22.317000",
"db": "NVD",
"id": "CVE-2017-2875"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-427"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Application firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014278"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-427"
}
],
"trust": 0.6
}
}
VAR-201809-0078
Vulnerability from variot - Updated: 2025-01-30 21:06An exploitable buffer overflow vulnerability exists in the UPnP implementation used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted UPnP discovery response can cause a buffer overflow resulting in overwriting arbitrary data. An attacker needs to be in the same subnetwork and reply to a discovery message to trigger this vulnerability. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0078",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34271"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014277"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-431"
},
{
"db": "NVD",
"id": "CVE-2017-2879"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014277"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-431"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2879",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "CVE-2017-2879",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-2879",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CNVD-2017-34271",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "VHN-111082",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"id": "CVE-2017-2879",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2017-2879",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-2879",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2879",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2879",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2879",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-34271",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-431",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-111082",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-2879",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34271"
},
{
"db": "VULHUB",
"id": "VHN-111082"
},
{
"db": "VULMON",
"id": "CVE-2017-2879"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014277"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-431"
},
{
"db": "NVD",
"id": "CVE-2017-2879"
},
{
"db": "NVD",
"id": "CVE-2017-2879"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the UPnP implementation used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted UPnP discovery response can cause a buffer overflow resulting in overwriting arbitrary data. An attacker needs to be in the same subnetwork and reply to a discovery message to trigger this vulnerability. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2879"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014277"
},
{
"db": "CNVD",
"id": "CNVD-2017-34271"
},
{
"db": "VULHUB",
"id": "VHN-111082"
},
{
"db": "VULMON",
"id": "CVE-2017-2879"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2879",
"trust": 3.3
},
{
"db": "TALOS",
"id": "TALOS-2017-0386",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014277",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-431",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34271",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96852",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111082",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-2879",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34271"
},
{
"db": "VULHUB",
"id": "VHN-111082"
},
{
"db": "VULMON",
"id": "CVE-2017-2879"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014277"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-431"
},
{
"db": "NVD",
"id": "CVE-2017-2879"
}
]
},
"id": "VAR-201809-0078",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34271"
},
{
"db": "VULHUB",
"id": "VHN-111082"
}
],
"trust": 1.7761904666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34271"
}
]
},
"last_update_date": "2025-01-30T21:06:43.099000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/"
},
{
"title": "Patch for FoscamIPVideoCamera Buffer Overflow Vulnerability (CNVD-2017-34271)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106257"
},
{
"title": "Foscam IP Video Camera Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76299"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34271"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014277"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-431"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111082"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014277"
},
{
"db": "NVD",
"id": "CVE-2017-2879"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0386"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2879"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2879"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0386"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55996"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34271"
},
{
"db": "VULHUB",
"id": "VHN-111082"
},
{
"db": "VULMON",
"id": "CVE-2017-2879"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014277"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-431"
},
{
"db": "NVD",
"id": "CVE-2017-2879"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34271"
},
{
"db": "VULHUB",
"id": "VHN-111082"
},
{
"db": "VULMON",
"id": "CVE-2017-2879"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014277"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-431"
},
{
"db": "NVD",
"id": "CVE-2017-2879"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34271"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-111082"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2017-2879"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014277"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-431"
},
{
"date": "2018-09-19T16:29:00.770000",
"db": "NVD",
"id": "CVE-2017-2879"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34271"
},
{
"date": "2018-11-20T00:00:00",
"db": "VULHUB",
"id": "VHN-111082"
},
{
"date": "2018-11-20T00:00:00",
"db": "VULMON",
"id": "CVE-2017-2879"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014277"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-431"
},
{
"date": "2024-11-21T03:24:22.803000",
"db": "NVD",
"id": "CVE-2017-2879"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-431"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Application firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014277"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-431"
}
],
"trust": 0.6
}
}
VAR-201809-0075
Vulnerability from variot - Updated: 2025-01-30 20:48An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. ### Tested Versions * Foscam Indoor IP Camera C1 Series * System Firmware Version: 1.9.3.18 * Application Firmware Version: 2.52.2.43 * Plug-In Version: 3.3.0.26 ### Product URLs http://www.foscam.com/downloads/index.html ### CVSSv3 Score 8.8 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ### CWE CWE-121: Stack-based Buffer Overflow ### Details Foscam produces a series of IP-capable surveillance devices, network video recorders, and baby monitors for the end-user. Foscam produces a range of cameras for both indoor and outdoor use and with wireless capability. One of these models is the C1 series which contains a web-based user interface for management and is based on the arm architecture. Foscam is..
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0075",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34268"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014275"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-428"
},
{
"db": "NVD",
"id": "CVE-2017-2876"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014275"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-428"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2876",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-2876",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-2876",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-34268",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-111079",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2876",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-2876",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-2876",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2876",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2876",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2876",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34268",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-428",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111079",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34268"
},
{
"db": "VULHUB",
"id": "VHN-111079"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014275"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-428"
},
{
"db": "NVD",
"id": "CVE-2017-2876"
},
{
"db": "NVD",
"id": "CVE-2017-2876"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. ### Tested Versions * Foscam Indoor IP Camera C1 Series * System Firmware Version: 1.9.3.18 * Application Firmware Version: 2.52.2.43 * Plug-In Version: 3.3.0.26 ### Product URLs http://www.foscam.com/downloads/index.html ### CVSSv3 Score 8.8 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ### CWE CWE-121: Stack-based Buffer Overflow ### Details Foscam produces a series of IP-capable surveillance devices, network video recorders, and baby monitors for the end-user. Foscam produces a range of cameras for both indoor and outdoor use and with wireless capability. One of these models is the C1 series which contains a web-based user interface for management and is based on the arm architecture. Foscam is..",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2876"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014275"
},
{
"db": "CNVD",
"id": "CNVD-2017-34268"
},
{
"db": "VULHUB",
"id": "VHN-111079"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2876",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2017-0383",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014275",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-34268",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201711-428",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96853",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111079",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34268"
},
{
"db": "VULHUB",
"id": "VHN-111079"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014275"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-428"
},
{
"db": "NVD",
"id": "CVE-2017-2876"
}
]
},
"id": "VAR-201809-0075",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34268"
},
{
"db": "VULHUB",
"id": "VHN-111079"
}
],
"trust": 1.7761904666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34268"
}
]
},
"last_update_date": "2025-01-30T20:48:46.746000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/"
},
{
"title": "Patch for FoscamIPVideoCamera Buffer Overflow Vulnerability (CNVD-2017-34268)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106254"
},
{
"title": "Foscam IP Video Camera Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76296"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34268"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014275"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-428"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111079"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014275"
},
{
"db": "NVD",
"id": "CVE-2017-2876"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0383"
},
{
"trust": 1.4,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0383"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2876"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2876"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34268"
},
{
"db": "VULHUB",
"id": "VHN-111079"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014275"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-428"
},
{
"db": "NVD",
"id": "CVE-2017-2876"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34268"
},
{
"db": "VULHUB",
"id": "VHN-111079"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014275"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-428"
},
{
"db": "NVD",
"id": "CVE-2017-2876"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34268"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-111079"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014275"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-428"
},
{
"date": "2018-09-19T18:29:00.437000",
"db": "NVD",
"id": "CVE-2017-2876"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34268"
},
{
"date": "2018-11-20T00:00:00",
"db": "VULHUB",
"id": "VHN-111079"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014275"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-428"
},
{
"date": "2024-11-21T03:24:22.450000",
"db": "NVD",
"id": "CVE-2017-2876"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-428"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Application firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014275"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-428"
}
],
"trust": 0.6
}
}
VAR-201809-0072
Vulnerability from variot - Updated: 2025-01-30 20:44An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SoftAP configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0072",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34265"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014276"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-425"
},
{
"db": "NVD",
"id": "CVE-2017-2873"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014276"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-425"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2873",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2017-2873",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-34265",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-111076",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2017-2873",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-2873",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-2873",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2873",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2873",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2873",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34265",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-425",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111076",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34265"
},
{
"db": "VULHUB",
"id": "VHN-111076"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014276"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-425"
},
{
"db": "NVD",
"id": "CVE-2017-2873"
},
{
"db": "NVD",
"id": "CVE-2017-2873"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SoftAP configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2873"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014276"
},
{
"db": "CNVD",
"id": "CNVD-2017-34265"
},
{
"db": "VULHUB",
"id": "VHN-111076"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2873",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2017-0380",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014276",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-425",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34265",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96859",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111076",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34265"
},
{
"db": "VULHUB",
"id": "VHN-111076"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014276"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-425"
},
{
"db": "NVD",
"id": "CVE-2017-2873"
}
]
},
"id": "VAR-201809-0072",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34265"
},
{
"db": "VULHUB",
"id": "VHN-111076"
}
],
"trust": 1.7761904666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34265"
}
]
},
"last_update_date": "2025-01-30T20:44:11.203000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/"
},
{
"title": "FoscamIPVideoCamera command to inject vulnerability patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106251"
},
{
"title": "Foscam IP Video Camera Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76293"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34265"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014276"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-425"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111076"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014276"
},
{
"db": "NVD",
"id": "CVE-2017-2873"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0380"
},
{
"trust": 1.2,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0380"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2873"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2873"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34265"
},
{
"db": "VULHUB",
"id": "VHN-111076"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014276"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-425"
},
{
"db": "NVD",
"id": "CVE-2017-2873"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34265"
},
{
"db": "VULHUB",
"id": "VHN-111076"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014276"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-425"
},
{
"db": "NVD",
"id": "CVE-2017-2873"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34265"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-111076"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014276"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-425"
},
{
"date": "2018-09-19T18:29:00.343000",
"db": "NVD",
"id": "CVE-2017-2873"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34265"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-111076"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014276"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-425"
},
{
"date": "2024-11-21T03:24:22.073000",
"db": "NVD",
"id": "CVE-2017-2873"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-425"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Application firmware vulnerability in some application firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014276"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-425"
}
],
"trust": 0.6
}
}
VAR-201804-0578
Vulnerability from variot - Updated: 2025-01-30 20:36An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password change resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. Foscam IP Video Camera is prone to multiple command-injection vulnerabilities.
Exploiting these issues could allow an attacker to execute arbitrary commands in context of the affected device. ### Tested Versions Foscam, Inc. Indoor IP Camera C1 Series System Firmware Version: 1.9.3.17 Application Firmware Version: 2.52.2.37 Web Version: 2.0.1.1 Plug-In Version: 3.3.0.5 ### Product URLs Foscam ### CVSSv3 Score 8.8 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ### CWE CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') ### Details Foscam produces a series of IP-capable surveillance devices, network video recorders, and baby monitors for the end-user. Foscam produces a range of cameras for both indoor and..
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0578",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 1.6,
"vendor": "foscam",
"version": "2.52.2.37"
},
{
"model": "c1 indoor hd camera",
"scope": "eq",
"trust": 0.8,
"vendor": "foscam",
"version": "2.52.2.37"
},
{
"model": "c1 indoor hd camera",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "0"
},
{
"model": "ip video camera",
"scope": "eq",
"trust": 0.3,
"vendor": "foscam",
"version": "1.9.3.17"
},
{
"model": "ip video camera",
"scope": "ne",
"trust": 0.3,
"vendor": "foscam",
"version": "2.0.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10137"
},
{
"db": "BID",
"id": "99184"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013355"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1371"
},
{
"db": "NVD",
"id": "CVE-2017-2832"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_indoor_hd_camera_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013355"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cory Duplantis, Claudio Bozzato and another member of Cisco Talos.",
"sources": [
{
"db": "BID",
"id": "99184"
}
],
"trust": 0.3
},
"cve": "CVE-2017-2832",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2017-2832",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2018-10137",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-111035",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2017-2832",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-2832",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-2832",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2832",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2832",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2832",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-10137",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-1371",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111035",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10137"
},
{
"db": "VULHUB",
"id": "VHN-111035"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013355"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1371"
},
{
"db": "NVD",
"id": "CVE-2017-2832"
},
{
"db": "NVD",
"id": "CVE-2017-2832"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password change resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. Foscam IP Video Camera is prone to multiple command-injection vulnerabilities. \nExploiting these issues could allow an attacker to execute arbitrary commands in context of the affected device. ### Tested Versions ``` Foscam, Inc. Indoor IP Camera C1 Series System Firmware Version: 1.9.3.17 Application Firmware Version: 2.52.2.37 Web Version: 2.0.1.1 Plug-In Version: 3.3.0.5 ``` ### Product URLs Foscam ### CVSSv3 Score 8.8 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ### CWE CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) ### Details Foscam produces a series of IP-capable surveillance devices, network video recorders, and baby monitors for the end-user. Foscam produces a range of cameras for both indoor and..",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2832"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013355"
},
{
"db": "CNVD",
"id": "CNVD-2018-10137"
},
{
"db": "BID",
"id": "99184"
},
{
"db": "VULHUB",
"id": "VHN-111035"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2832",
"trust": 3.5
},
{
"db": "TALOS",
"id": "TALOS-2017-0335",
"trust": 2.5
},
{
"db": "BID",
"id": "99184",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013355",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-10137",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1371",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96496",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111035",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10137"
},
{
"db": "VULHUB",
"id": "VHN-111035"
},
{
"db": "BID",
"id": "99184"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013355"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1371"
},
{
"db": "NVD",
"id": "CVE-2017-2832"
}
]
},
"id": "VAR-201804-0578",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10137"
},
{
"db": "VULHUB",
"id": "VHN-111035"
}
],
"trust": 1.49642857
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10137"
}
]
},
"last_update_date": "2025-01-30T20:36:45.018000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/downloads/index.html"
},
{
"title": "Patch for FoscamC1IndoorHDCamera Command Injection Vulnerability (CNVD-2018-10137)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/130011"
},
{
"title": "Foscam C1 Indoor HD Camera Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79656"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10137"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013355"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1371"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-78",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111035"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013355"
},
{
"db": "NVD",
"id": "CVE-2017-2832"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0335"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/99184"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2832"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2832"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0335"
},
{
"trust": 0.3,
"url": "http://www.foscam.com/"
},
{
"trust": 0.3,
"url": "http://blog.talosintelligence.com/2017/06/foscam-vuln-details.html"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10137"
},
{
"db": "VULHUB",
"id": "VHN-111035"
},
{
"db": "BID",
"id": "99184"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013355"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1371"
},
{
"db": "NVD",
"id": "CVE-2017-2832"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10137"
},
{
"db": "VULHUB",
"id": "VHN-111035"
},
{
"db": "BID",
"id": "99184"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013355"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1371"
},
{
"db": "NVD",
"id": "CVE-2017-2832"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10137"
},
{
"date": "2018-04-24T00:00:00",
"db": "VULHUB",
"id": "VHN-111035"
},
{
"date": "2017-06-19T00:00:00",
"db": "BID",
"id": "99184"
},
{
"date": "2018-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013355"
},
{
"date": "2018-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-1371"
},
{
"date": "2018-04-24T19:29:02.330000",
"db": "NVD",
"id": "CVE-2017-2832"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10137"
},
{
"date": "2018-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-111035"
},
{
"date": "2017-06-19T00:00:00",
"db": "BID",
"id": "99184"
},
{
"date": "2018-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013355"
},
{
"date": "2022-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-1371"
},
{
"date": "2024-11-21T03:24:14.357000",
"db": "NVD",
"id": "CVE-2017-2832"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-1371"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera In OS Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013355"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-1371"
}
],
"trust": 0.6
}
}
VAR-201809-0071
Vulnerability from variot - Updated: 2025-01-30 20:28Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A HTTP request can allow for a user to perform a firmware upgrade using a crafted image. Before any firmware upgrades in this image are flashed to the device, binaries as well as arguments to shell commands contained in the image are executed with elevated privileges. Foscam C1 Indoor HD Camera Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. A remote code execution vulnerability exists in recoveryprocedure in FoscamC1IndoorHDCamera that caused the program to fail to perform adequate security monitoring
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0071",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34264"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014281"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-424"
},
{
"db": "NVD",
"id": "CVE-2017-2872"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014281"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-424"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2872",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2017-2872",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2017-34264",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-111075",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2017-2872",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"id": "CVE-2017-2872",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-2872",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2872",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2872",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-2872",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34264",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-424",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111075",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34264"
},
{
"db": "VULHUB",
"id": "VHN-111075"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014281"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-424"
},
{
"db": "NVD",
"id": "CVE-2017-2872"
},
{
"db": "NVD",
"id": "CVE-2017-2872"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A HTTP request can allow for a user to perform a firmware upgrade using a crafted image. Before any firmware upgrades in this image are flashed to the device, binaries as well as arguments to shell commands contained in the image are executed with elevated privileges. Foscam C1 Indoor HD Camera Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. A remote code execution vulnerability exists in recoveryprocedure in FoscamC1IndoorHDCamera that caused the program to fail to perform adequate security monitoring",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2872"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014281"
},
{
"db": "CNVD",
"id": "CNVD-2017-34264"
},
{
"db": "VULHUB",
"id": "VHN-111075"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2872",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2017-0379",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014281",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-424",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34264",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96856",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111075",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34264"
},
{
"db": "VULHUB",
"id": "VHN-111075"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014281"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-424"
},
{
"db": "NVD",
"id": "CVE-2017-2872"
}
]
},
"id": "VAR-201809-0071",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34264"
},
{
"db": "VULHUB",
"id": "VHN-111075"
}
],
"trust": 1.7761904666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34264"
}
]
},
"last_update_date": "2025-01-30T20:28:15.922000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/downloads/index.html"
},
{
"title": "Patch for FoscamIPVideoCamera Remote Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106250"
},
{
"title": "Foscam IP Video Camera Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76292"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34264"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014281"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-424"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111075"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014281"
},
{
"db": "NVD",
"id": "CVE-2017-2872"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0379"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2872"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2872"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0379"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34264"
},
{
"db": "VULHUB",
"id": "VHN-111075"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014281"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-424"
},
{
"db": "NVD",
"id": "CVE-2017-2872"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34264"
},
{
"db": "VULHUB",
"id": "VHN-111075"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014281"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-424"
},
{
"db": "NVD",
"id": "CVE-2017-2872"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34264"
},
{
"date": "2018-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-111075"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014281"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-424"
},
{
"date": "2018-09-17T20:29:00.790000",
"db": "NVD",
"id": "CVE-2017-2872"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34264"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-111075"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014281"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-424"
},
{
"date": "2024-11-21T03:24:21.960000",
"db": "NVD",
"id": "CVE-2017-2872"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-424"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014281"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-424"
}
],
"trust": 0.6
}
}
VAR-201804-0561
Vulnerability from variot - Updated: 2025-01-30 20:21Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. An attacker who is in the same subnetwork of the camera or has remote administrator access can fully compromise the device by performing a firmware recovery using a custom image. Foscam C1 Indoor HD Camera Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. A security vulnerability exists in the recovery process used in FoscamC1IndoorHDCamera, which is caused by a program that does not adequately perform security checks. ### Tested Versions Foscam Indoor IP Camera C1 Series System Firmware Version: 1.9.3.18 Application Firmware Version: 2.52.2.43 Plug-In Version: 3.3.0.26 ### Product URLs http://www.foscam.com/downloads/index.html ### CVSSv3 Score 9.6 - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H ### CWE CWE-287: Improper Authentication ### Details Foscam produces a series of IP-capable surveillance devices, network video recorders, and baby monitors for the end-user. Foscam produces a range of cameras for both indoor and outdoor use and with wireless capability. One of these models is the C1 series which contains a web-based user interface for management and is based on..
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0561",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 1.6,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "c1 indoor hd camera",
"scope": "eq",
"trust": 0.8,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "indoor ip camera c1 series",
"scope": null,
"trust": 0.6,
"vendor": "foscam",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09719"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013275"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-789"
},
{
"db": "NVD",
"id": "CVE-2017-2871"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_indoor_hd_camera_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013275"
}
]
},
"cve": "CVE-2017-2871",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-2871",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2018-09719",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-111074",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-2871",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-2871",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-2871",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2871",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2871",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-2871",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-09719",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-789",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111074",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-2871",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09719"
},
{
"db": "VULHUB",
"id": "VHN-111074"
},
{
"db": "VULMON",
"id": "CVE-2017-2871"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013275"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-789"
},
{
"db": "NVD",
"id": "CVE-2017-2871"
},
{
"db": "NVD",
"id": "CVE-2017-2871"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. An attacker who is in the same subnetwork of the camera or has remote administrator access can fully compromise the device by performing a firmware recovery using a custom image. Foscam C1 Indoor HD Camera Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. A security vulnerability exists in the recovery process used in FoscamC1IndoorHDCamera, which is caused by a program that does not adequately perform security checks. ### Tested Versions Foscam Indoor IP Camera C1 Series System Firmware Version: 1.9.3.18 Application Firmware Version: 2.52.2.43 Plug-In Version: 3.3.0.26 ### Product URLs http://www.foscam.com/downloads/index.html ### CVSSv3 Score 9.6 - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H ### CWE CWE-287: Improper Authentication ### Details Foscam produces a series of IP-capable surveillance devices, network video recorders, and baby monitors for the end-user. Foscam produces a range of cameras for both indoor and outdoor use and with wireless capability. One of these models is the C1 series which contains a web-based user interface for management and is based on..",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2871"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013275"
},
{
"db": "CNVD",
"id": "CNVD-2018-09719"
},
{
"db": "VULHUB",
"id": "VHN-111074"
},
{
"db": "VULMON",
"id": "CVE-2017-2871"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2871",
"trust": 3.3
},
{
"db": "TALOS",
"id": "TALOS-2017-0378",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013275",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-09719",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201804-789",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-97305",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111074",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-2871",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-09719"
},
{
"db": "VULHUB",
"id": "VHN-111074"
},
{
"db": "VULMON",
"id": "CVE-2017-2871"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013275"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-789"
},
{
"db": "NVD",
"id": "CVE-2017-2871"
}
]
},
"id": "VAR-201804-0561",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-09719"
},
{
"db": "VULHUB",
"id": "VHN-111074"
}
],
"trust": 1.603571435
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-09719"
}
]
},
"last_update_date": "2025-01-30T20:21:45.188000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/downloads/index.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013275"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111074"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013275"
},
{
"db": "NVD",
"id": "CVE-2017-2871"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0378"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2871"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2871"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/141772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-09719"
},
{
"db": "VULHUB",
"id": "VHN-111074"
},
{
"db": "VULMON",
"id": "CVE-2017-2871"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013275"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-789"
},
{
"db": "NVD",
"id": "CVE-2017-2871"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2018-09719"
},
{
"db": "VULHUB",
"id": "VHN-111074"
},
{
"db": "VULMON",
"id": "CVE-2017-2871"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013275"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-789"
},
{
"db": "NVD",
"id": "CVE-2017-2871"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09719"
},
{
"date": "2018-04-17T00:00:00",
"db": "VULHUB",
"id": "VHN-111074"
},
{
"date": "2018-04-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-2871"
},
{
"date": "2018-06-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013275"
},
{
"date": "2018-04-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-789"
},
{
"date": "2018-04-17T20:29:00.223000",
"db": "NVD",
"id": "CVE-2017-2871"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09719"
},
{
"date": "2018-05-22T00:00:00",
"db": "VULHUB",
"id": "VHN-111074"
},
{
"date": "2018-05-22T00:00:00",
"db": "VULMON",
"id": "CVE-2017-2871"
},
{
"date": "2018-06-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013275"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-789"
},
{
"date": "2024-11-21T03:24:21.850000",
"db": "NVD",
"id": "CVE-2017-2871"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-789"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013275"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-789"
}
],
"trust": 0.6
}
}
VAR-201809-0080
Vulnerability from variot - Updated: 2025-01-30 19:52An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. DDNSclient is one of the dynamic domain name service clients
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0080",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34261"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014279"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-421"
},
{
"db": "NVD",
"id": "CVE-2017-2855"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014279"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-421"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2855",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-2855",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2017-34261",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-111058",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-2855",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-2855",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2855",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2855",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2855",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34261",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-421",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111058",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34261"
},
{
"db": "VULHUB",
"id": "VHN-111058"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014279"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-421"
},
{
"db": "NVD",
"id": "CVE-2017-2855"
},
{
"db": "NVD",
"id": "CVE-2017-2855"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. DDNSclient is one of the dynamic domain name service clients",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2855"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014279"
},
{
"db": "CNVD",
"id": "CNVD-2017-34261"
},
{
"db": "VULHUB",
"id": "VHN-111058"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2855",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2017-0358",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014279",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-421",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34261",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96857",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111058",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34261"
},
{
"db": "VULHUB",
"id": "VHN-111058"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014279"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-421"
},
{
"db": "NVD",
"id": "CVE-2017-2855"
}
]
},
"id": "VAR-201809-0080",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34261"
},
{
"db": "VULHUB",
"id": "VHN-111058"
}
],
"trust": 1.7761904666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34261"
}
]
},
"last_update_date": "2025-01-30T19:52:36.303000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/"
},
{
"title": "Patch for FoscamC1IndoorHDCameraDDNS Client Buffer Overflow Vulnerability (CNVD-2017-34261)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106247"
},
{
"title": "Foscam C1 Indoor HD Camera DDNS Fixes for client buffer error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76289"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34261"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014279"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-421"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111058"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014279"
},
{
"db": "NVD",
"id": "CVE-2017-2855"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0358"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2855"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2855"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/reports/talos-2017-0358/"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34261"
},
{
"db": "VULHUB",
"id": "VHN-111058"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014279"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-421"
},
{
"db": "NVD",
"id": "CVE-2017-2855"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34261"
},
{
"db": "VULHUB",
"id": "VHN-111058"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014279"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-421"
},
{
"db": "NVD",
"id": "CVE-2017-2855"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34261"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-111058"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014279"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-421"
},
{
"date": "2018-09-19T16:29:00.443000",
"db": "NVD",
"id": "CVE-2017-2855"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34261"
},
{
"date": "2018-11-21T00:00:00",
"db": "VULHUB",
"id": "VHN-111058"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014279"
},
{
"date": "2022-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-421"
},
{
"date": "2024-11-21T03:24:20.080000",
"db": "NVD",
"id": "CVE-2017-2855"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-421"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Application firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014279"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-421"
}
],
"trust": 0.6
}
}
VAR-201809-0079
Vulnerability from variot - Updated: 2025-01-30 19:29An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. DDNSclient is one of the dynamic domain name service clients
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0079",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34260"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014271"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-420"
},
{
"db": "NVD",
"id": "CVE-2017-2854"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014271"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato and another member of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-420"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2854",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-2854",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2017-34260",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-111057",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-2854",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-2854",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2854",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2854",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2854",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34260",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-420",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111057",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34260"
},
{
"db": "VULHUB",
"id": "VHN-111057"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014271"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-420"
},
{
"db": "NVD",
"id": "CVE-2017-2854"
},
{
"db": "NVD",
"id": "CVE-2017-2854"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. DDNSclient is one of the dynamic domain name service clients",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2854"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014271"
},
{
"db": "CNVD",
"id": "CNVD-2017-34260"
},
{
"db": "VULHUB",
"id": "VHN-111057"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2854",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2017-0357",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014271",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-420",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34260",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-96860",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111057",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34260"
},
{
"db": "VULHUB",
"id": "VHN-111057"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014271"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-420"
},
{
"db": "NVD",
"id": "CVE-2017-2854"
}
]
},
"id": "VAR-201809-0079",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34260"
},
{
"db": "VULHUB",
"id": "VHN-111057"
}
],
"trust": 1.7761904666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "smart home camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34260"
}
]
},
"last_update_date": "2025-01-30T19:29:29.670000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/downloads/index.html"
},
{
"title": "Patch for FoscamC1IndoorHDCameraDDNS Client Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106246"
},
{
"title": "Foscam C1 Indoor HD Camera DDNS Fixes for client buffer error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76288"
},
{
"title": "Foscam C1 Indoor HD Camera DDNS Fixes for client buffer error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76294"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34260"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014271"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-420"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111057"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014271"
},
{
"db": "NVD",
"id": "CVE-2017-2854"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0357"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2854"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2854"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/reports/talos-2017-0357/"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0357"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34260"
},
{
"db": "VULHUB",
"id": "VHN-111057"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014271"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-420"
},
{
"db": "NVD",
"id": "CVE-2017-2854"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2017-34260"
},
{
"db": "VULHUB",
"id": "VHN-111057"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014271"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-420"
},
{
"db": "NVD",
"id": "CVE-2017-2854"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34260"
},
{
"date": "2018-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-111057"
},
{
"date": "2018-12-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014271"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-420"
},
{
"date": "2018-09-17T20:29:00.367000",
"db": "NVD",
"id": "CVE-2017-2854"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34260"
},
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-111057"
},
{
"date": "2018-12-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014271"
},
{
"date": "2022-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-420"
},
{
"date": "2024-11-21T03:24:19.960000",
"db": "NVD",
"id": "CVE-2017-2854"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-420"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014271"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-420"
}
],
"trust": 0.6
}
}
VAR-201807-2145
Vulnerability from variot - Updated: 2024-11-23 22:45Stack-based buffer overflow in the getSWFlag function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to cause a denial of service (crash and reboot), via the callbackJson parameter. plural Foscam The product contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Foscomm (FOSCAM) is a safe living brand under the Shenzhen Foscom Intelligent Technology Co., Ltd., covering network video surveillance products (webcam, hard disk recorder, monitoring kit), video cloud storage services. The Foscom Foscam camera has a stack buffer overflow vulnerability that allows an attacker to exploit the vulnerability to crash the device's webService process. Foscam Cameras C1 Lite V3 etc. are network camera products of China Foscam (FOSCAM) company. A remote attacker could use the 'callbackJson' parameter to cause a denial of service (crash and restart)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-2145",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fi9828p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.133"
},
{
"model": "fi9851p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.54.2.47"
},
{
"model": "fi9803p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.24.2.31"
},
{
"model": "fi9853ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.22.2.31"
},
{
"model": "c1 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.52.2.47"
},
{
"model": "fi9901ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.59"
},
{
"model": "c1",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.52.2.47"
},
{
"model": "fi9803p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.54.2.47"
},
{
"model": "c2",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.59"
},
{
"model": "fi9928p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.58"
},
{
"model": "fi9805p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9803ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.22.2.31"
},
{
"model": "fi9831p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9826p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9821p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9826p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "r4",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.71.1.59"
},
{
"model": "fi9831p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "fi9821p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "fi9800p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9831w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "c1 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.82.2.33"
},
{
"model": "c1",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.82.2.33"
},
{
"model": "fi9900p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.59"
},
{
"model": "fi9828p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.13.1.120"
},
{
"model": "fi9804p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9821ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "fi9800p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.54.2.47"
},
{
"model": "fi9961ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.59"
},
{
"model": "fi9900ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.59"
},
{
"model": "r2",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.71.1.59"
},
{
"model": "fi9818w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.13.2.120"
},
{
"model": "fi9828w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.13.1.120"
},
{
"model": "fi9805e",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9821w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9826p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9831p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9821p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9815p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.51.2.47"
},
{
"model": "fi9821ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9851p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.24.2.31"
},
{
"model": "fi9826w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9805w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9816p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.51.2.47"
},
{
"model": "fi9804w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "c1 lite",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c1",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c2",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "fi9800p",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "fi9900p",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "r2",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "r4",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "foscam",
"scope": null,
"trust": 0.6,
"vendor": "foscam",
"version": null
},
{
"model": "fi9800p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.54.2.47"
},
{
"model": "fi9821p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "c1 lite",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.82.2.33"
},
{
"model": "c1",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.47"
},
{
"model": "fi9831p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9821ep",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9826p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9800p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "c1 lite",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.47"
},
{
"model": "c1",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.82.2.33"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12142"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008211"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-495"
},
{
"db": "NVD",
"id": "CVE-2018-6832"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:fi9800p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:fi9900p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:r2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:r4_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008211"
}
]
},
"cve": "CVE-2018-6832",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-6832",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-12142",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-136864",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-6832",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-6832",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-6832",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-12142",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-495",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-136864",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12142"
},
{
"db": "VULHUB",
"id": "VHN-136864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008211"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-495"
},
{
"db": "NVD",
"id": "CVE-2018-6832"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the getSWFlag function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to cause a denial of service (crash and reboot), via the callbackJson parameter. plural Foscam The product contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Foscomm (FOSCAM) is a safe living brand under the Shenzhen Foscom Intelligent Technology Co., Ltd., covering network video surveillance products (webcam, hard disk recorder, monitoring kit), video cloud storage services. The Foscom Foscam camera has a stack buffer overflow vulnerability that allows an attacker to exploit the vulnerability to crash the device\u0027s webService process. Foscam Cameras C1 Lite V3 etc. are network camera products of China Foscam (FOSCAM) company. A remote attacker could use the \u0027callbackJson\u0027 parameter to cause a denial of service (crash and restart)",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6832"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008211"
},
{
"db": "CNVD",
"id": "CNVD-2018-12142"
},
{
"db": "VULHUB",
"id": "VHN-136864"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-6832",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008211",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-495",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-12142",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-136864",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12142"
},
{
"db": "VULHUB",
"id": "VHN-136864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008211"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-495"
},
{
"db": "NVD",
"id": "CVE-2018-6832"
}
]
},
"id": "VAR-201807-2145",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12142"
},
{
"db": "VULHUB",
"id": "VHN-136864"
}
],
"trust": 1.3452861933333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12142"
}
]
},
"last_update_date": "2024-11-23T22:45:15.784000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Securing Your Foscam Camera - Important Notice",
"trust": 0.8,
"url": "https://www.foscam.com/company/securing-your-foscam-camera-important-notice.html"
},
{
"title": "Forskcom Foscam Camera Stack Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/132883"
},
{
"title": "Multiple Foscam Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84013"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12142"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008211"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-495"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-136864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008211"
},
{
"db": "NVD",
"id": "CVE-2018-6832"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://blog.vdoo.com/2018/06/06/vdoo-has-found-major-vulnerabilities-in-foscam-cameras/"
},
{
"trust": 1.7,
"url": "https://www.foscam.com/company/securing-your-foscam-camera-important-notice.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6832"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6832"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12142"
},
{
"db": "VULHUB",
"id": "VHN-136864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008211"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-495"
},
{
"db": "NVD",
"id": "CVE-2018-6832"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-12142"
},
{
"db": "VULHUB",
"id": "VHN-136864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008211"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-495"
},
{
"db": "NVD",
"id": "CVE-2018-6832"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12142"
},
{
"date": "2018-07-09T00:00:00",
"db": "VULHUB",
"id": "VHN-136864"
},
{
"date": "2018-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008211"
},
{
"date": "2018-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-495"
},
{
"date": "2018-07-09T17:29:00.323000",
"db": "NVD",
"id": "CVE-2018-6832"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12142"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-136864"
},
{
"date": "2018-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008211"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-495"
},
{
"date": "2024-11-21T04:11:15.963000",
"db": "NVD",
"id": "CVE-2018-6832"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-495"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Foscam Buffer error vulnerability in product firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008211"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-495"
}
],
"trust": 0.6
}
}
VAR-201807-2160
Vulnerability from variot - Updated: 2024-11-23 22:38The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote authenticated users to execute arbitrary commands via a ';' in the ntpServer argument. NOTE: this issue exists because of an incomplete fix for CVE-2017-2849. plural Foscam The camera contains a command injection vulnerability. This vulnerability CVE-2017-2849 Due to an incomplete fix.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Foscomm (FOSCAM) is a safe living brand under the Shenzhen Foscom Intelligent Technology Co., Ltd., covering network video surveillance products (webcam, hard disk recorder, monitoring kit), video cloud storage services. The Foscom Foscam camera has a command injection vulnerability that stems from an attacker gaining administrator credentials that can be exploited as the root user to perform privilege escalation. are network camera products of China Foscam (FOSCAM) company. A security vulnerability exists in the 'setSystemTime' function in several Foscam Cameras products. A remote attacker can use the ';' in the ntpServer parameter to exploit this vulnerability to execute arbitrary commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-2160",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fi9828p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.133"
},
{
"model": "fi9851p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.54.2.47"
},
{
"model": "fi9803p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.24.2.31"
},
{
"model": "fi9853ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.22.2.31"
},
{
"model": "c1 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.52.2.47"
},
{
"model": "fi9901ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.59"
},
{
"model": "c1",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.52.2.47"
},
{
"model": "fi9803p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.54.2.47"
},
{
"model": "c2",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.59"
},
{
"model": "fi9928p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.58"
},
{
"model": "fi9805p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9803ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.22.2.31"
},
{
"model": "fi9831p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9826p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9821p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9826p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "r4",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.71.1.59"
},
{
"model": "fi9831p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "fi9821p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "fi9800p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9831w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "c1 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.82.2.33"
},
{
"model": "c1",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.82.2.33"
},
{
"model": "fi9900p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.59"
},
{
"model": "fi9828p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.13.1.120"
},
{
"model": "fi9804p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9821ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "fi9800p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.54.2.47"
},
{
"model": "fi9961ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.59"
},
{
"model": "fi9900ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.59"
},
{
"model": "r2",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.71.1.59"
},
{
"model": "fi9818w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.13.2.120"
},
{
"model": "fi9828w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.13.1.120"
},
{
"model": "fi9805e",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9821w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9826p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9831p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9821p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9815p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.51.2.47"
},
{
"model": "fi9821ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9851p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.24.2.31"
},
{
"model": "fi9826w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9805w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9816p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.51.2.47"
},
{
"model": "fi9804w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "c1 lite",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c1",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c2",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "fi9800p",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "fi9900p",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "r2",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "r4",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "foscam",
"scope": null,
"trust": 0.6,
"vendor": "foscam",
"version": null
},
{
"model": "fi9804w",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9805w",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9828p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.13.1.120"
},
{
"model": "fi9804p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9828w",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.13.1.120"
},
{
"model": "fi9805p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9828p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.11.1.133"
},
{
"model": "fi9805e",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9826p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9818w",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.13.2.120"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008030"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-496"
},
{
"db": "NVD",
"id": "CVE-2018-6831"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:fi9800p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:fi9900p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:r2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:r4_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008030"
}
]
},
"cve": "CVE-2018-6831",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2018-6831",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "CNVD-2018-12143",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-136863",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2018-6831",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-6831",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-6831",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-12143",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-496",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-136863",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12143"
},
{
"db": "VULHUB",
"id": "VHN-136863"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008030"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-496"
},
{
"db": "NVD",
"id": "CVE-2018-6831"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote authenticated users to execute arbitrary commands via a \u0027;\u0027 in the ntpServer argument. NOTE: this issue exists because of an incomplete fix for CVE-2017-2849. plural Foscam The camera contains a command injection vulnerability. This vulnerability CVE-2017-2849 Due to an incomplete fix.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Foscomm (FOSCAM) is a safe living brand under the Shenzhen Foscom Intelligent Technology Co., Ltd., covering network video surveillance products (webcam, hard disk recorder, monitoring kit), video cloud storage services. The Foscom Foscam camera has a command injection vulnerability that stems from an attacker gaining administrator credentials that can be exploited as the root user to perform privilege escalation. are network camera products of China Foscam (FOSCAM) company. A security vulnerability exists in the \u0027setSystemTime\u0027 function in several Foscam Cameras products. A remote attacker can use the \u0027;\u0027 in the ntpServer parameter to exploit this vulnerability to execute arbitrary commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6831"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008030"
},
{
"db": "CNVD",
"id": "CNVD-2018-12143"
},
{
"db": "VULHUB",
"id": "VHN-136863"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-6831",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008030",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-496",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-12143",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-136863",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12143"
},
{
"db": "VULHUB",
"id": "VHN-136863"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008030"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-496"
},
{
"db": "NVD",
"id": "CVE-2018-6831"
}
]
},
"id": "VAR-201807-2160",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12143"
},
{
"db": "VULHUB",
"id": "VHN-136863"
}
],
"trust": 1.3452861933333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12143"
}
]
},
"last_update_date": "2024-11-23T22:38:05.481000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Securing Your Foscam Camera - Important Notice",
"trust": 0.8,
"url": "https://www.foscam.com/company/securing-your-foscam-camera-important-notice.html"
},
{
"title": "Fuscom Foscam Camera Command Injection Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/132885"
},
{
"title": "Multiple Foscam Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84012"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008030"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-496"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-136863"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008030"
},
{
"db": "NVD",
"id": "CVE-2018-6831"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://blog.vdoo.com/2018/06/06/vdoo-has-found-major-vulnerabilities-in-foscam-cameras/"
},
{
"trust": 1.7,
"url": "https://www.foscam.com/company/securing-your-foscam-camera-important-notice.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6831"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6831"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12143"
},
{
"db": "VULHUB",
"id": "VHN-136863"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008030"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-496"
},
{
"db": "NVD",
"id": "CVE-2018-6831"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-12143"
},
{
"db": "VULHUB",
"id": "VHN-136863"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008030"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-496"
},
{
"db": "NVD",
"id": "CVE-2018-6831"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12143"
},
{
"date": "2018-07-09T00:00:00",
"db": "VULHUB",
"id": "VHN-136863"
},
{
"date": "2018-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008030"
},
{
"date": "2018-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-496"
},
{
"date": "2018-07-09T17:29:00.260000",
"db": "NVD",
"id": "CVE-2018-6831"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12143"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-136863"
},
{
"date": "2018-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008030"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-496"
},
{
"date": "2024-11-21T04:11:15.770000",
"db": "NVD",
"id": "CVE-2018-6831"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-496"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Foscam Command injection vulnerability in camera",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008030"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-496"
}
],
"trust": 0.6
}
}
VAR-201809-0076
Vulnerability from variot - Updated: 2024-11-23 22:21A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication. Foscam C1 Indoor HD Camera Application firmware contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. There is a factory reset vulnerability in the Multi-Camera interface in FoscamC1IndoorHDCamera that caused the program to fail to implement error detection
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0076",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34269"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014274"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-429"
},
{
"db": "NVD",
"id": "CVE-2017-2877"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014274"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-429"
}
],
"trust": 0.6
},
"cve": "CVE-2017-2877",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-2877",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-34269",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-111080",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2877",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2877",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2877",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2877",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-2877",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-34269",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-429",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-111080",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34269"
},
{
"db": "VULHUB",
"id": "VHN-111080"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014274"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-429"
},
{
"db": "NVD",
"id": "CVE-2017-2877"
},
{
"db": "NVD",
"id": "CVE-2017-2877"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication. Foscam C1 Indoor HD Camera Application firmware contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. There is a factory reset vulnerability in the Multi-Camera interface in FoscamC1IndoorHDCamera that caused the program to fail to implement error detection",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2877"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014274"
},
{
"db": "CNVD",
"id": "CNVD-2017-34269"
},
{
"db": "VULHUB",
"id": "VHN-111080"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2017-0384",
"trust": 3.1
},
{
"db": "NVD",
"id": "CVE-2017-2877",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014274",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-429",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34269",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-96862",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111080",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34269"
},
{
"db": "VULHUB",
"id": "VHN-111080"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014274"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-429"
},
{
"db": "NVD",
"id": "CVE-2017-2877"
}
]
},
"id": "VAR-201809-0076",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34269"
},
{
"db": "VULHUB",
"id": "VHN-111080"
}
],
"trust": 1.6761904666666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34269"
}
]
},
"last_update_date": "2024-11-23T22:21:56.527000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.foscam.com/"
},
{
"title": "FoscamIPVideoCamera reset patch for factory settings vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106255"
},
{
"title": "Foscam IP Video Camera Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76297"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34269"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014274"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-429"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-755",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111080"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014274"
},
{
"db": "NVD",
"id": "CVE-2017-2877"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0384"
},
{
"trust": 1.2,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0384"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2877"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2877"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34269"
},
{
"db": "VULHUB",
"id": "VHN-111080"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014274"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-429"
},
{
"db": "NVD",
"id": "CVE-2017-2877"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-34269"
},
{
"db": "VULHUB",
"id": "VHN-111080"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014274"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-429"
},
{
"db": "NVD",
"id": "CVE-2017-2877"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34269"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-111080"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014274"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-429"
},
{
"date": "2018-09-19T18:29:00.547000",
"db": "NVD",
"id": "CVE-2017-2877"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34269"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-111080"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014274"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-429"
},
{
"date": "2024-11-21T03:24:22.573000",
"db": "NVD",
"id": "CVE-2017-2877"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-429"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Application firmware vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014274"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-429"
}
],
"trust": 0.6
}
}
VAR-201807-2159
Vulnerability from variot - Updated: 2024-11-23 22:06Directory traversal vulnerability in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to delete arbitrary files via a .. (dot dot) in the URI path component. plural Foscam Camera The product contains a path traversal vulnerability.Information may be tampered with. Foscomm (FOSCAM) is a safe living brand under the Shenzhen Foscom Intelligent Technology Co., Ltd., covering network video surveillance products (webcam, hard disk recorder, monitoring kit), video cloud storage services. Any file deletion vulnerability in the Foscom Foscam camera allows an attacker to delete any file in the camera's file system by making a special GET request for the camera's web management interface. are network camera products of China Foscam (FOSCAM) company. A directory traversal vulnerability exists in several Foscam products. An attacker could exploit this vulnerability to delete arbitrary files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-2159",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fi9828p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.133"
},
{
"model": "fi9851p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.54.2.47"
},
{
"model": "fi9803p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.24.2.31"
},
{
"model": "fi9853ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.22.2.31"
},
{
"model": "c1 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.52.2.47"
},
{
"model": "fi9901ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.59"
},
{
"model": "c1",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.52.2.47"
},
{
"model": "fi9803p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.54.2.47"
},
{
"model": "c2",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.59"
},
{
"model": "fi9928p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.58"
},
{
"model": "fi9805p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9803ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.22.2.31"
},
{
"model": "fi9831p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9826p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9821p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9826p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "r4",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.71.1.59"
},
{
"model": "fi9831p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "fi9821p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "fi9800p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9831w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "c1 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.82.2.33"
},
{
"model": "c1",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.82.2.33"
},
{
"model": "fi9900p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.59"
},
{
"model": "fi9828p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.13.1.120"
},
{
"model": "fi9804p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9821ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.21.2.31"
},
{
"model": "fi9800p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.54.2.47"
},
{
"model": "fi9961ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.59"
},
{
"model": "fi9900ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.74.1.59"
},
{
"model": "r2",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.71.1.59"
},
{
"model": "fi9818w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.13.2.120"
},
{
"model": "fi9828w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.13.1.120"
},
{
"model": "fi9805e",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9821w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9826p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9831p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9821p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9815p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.51.2.47"
},
{
"model": "fi9821ep",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.81.2.33"
},
{
"model": "fi9851p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.24.2.31"
},
{
"model": "fi9826w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9805w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9816p",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.51.2.47"
},
{
"model": "fi9804w",
"scope": "lte",
"trust": 1.0,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "c1 lite",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c1",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c2",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "fi9800p",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "fi9900p",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "r2",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "r4",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "foscam",
"scope": null,
"trust": 0.6,
"vendor": "foscam",
"version": null
},
{
"model": "fi9804w",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9805w",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9828p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.13.1.120"
},
{
"model": "fi9804p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9828w",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.13.1.120"
},
{
"model": "fi9805p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9828p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.11.1.133"
},
{
"model": "fi9805e",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.14.1.120"
},
{
"model": "fi9826p",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.11.1.120"
},
{
"model": "fi9818w",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.13.2.120"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12144"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007981"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-497"
},
{
"db": "NVD",
"id": "CVE-2018-6830"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:fi9800p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:fi9900p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:r2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:r4_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-007981"
}
]
},
"cve": "CVE-2018-6830",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-6830",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-12144",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-136862",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-6830",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-6830",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-6830",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-12144",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-497",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-136862",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12144"
},
{
"db": "VULHUB",
"id": "VHN-136862"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007981"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-497"
},
{
"db": "NVD",
"id": "CVE-2018-6830"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to delete arbitrary files via a .. (dot dot) in the URI path component. plural Foscam Camera The product contains a path traversal vulnerability.Information may be tampered with. Foscomm (FOSCAM) is a safe living brand under the Shenzhen Foscom Intelligent Technology Co., Ltd., covering network video surveillance products (webcam, hard disk recorder, monitoring kit), video cloud storage services. Any file deletion vulnerability in the Foscom Foscam camera allows an attacker to delete any file in the camera\u0027s file system by making a special GET request for the camera\u0027s web management interface. are network camera products of China Foscam (FOSCAM) company. A directory traversal vulnerability exists in several Foscam products. An attacker could exploit this vulnerability to delete arbitrary files",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6830"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007981"
},
{
"db": "CNVD",
"id": "CNVD-2018-12144"
},
{
"db": "VULHUB",
"id": "VHN-136862"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-6830",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007981",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-497",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-12144",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-136862",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12144"
},
{
"db": "VULHUB",
"id": "VHN-136862"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007981"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-497"
},
{
"db": "NVD",
"id": "CVE-2018-6830"
}
]
},
"id": "VAR-201807-2159",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12144"
},
{
"db": "VULHUB",
"id": "VHN-136862"
}
],
"trust": 1.3452861933333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12144"
}
]
},
"last_update_date": "2024-11-23T22:06:39.728000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Securing Your Foscam Camera - Important Notice",
"trust": 0.8,
"url": "https://www.foscam.com/company/securing-your-foscam-camera-important-notice.html"
},
{
"title": "Foscom Foscam camera arbitrary file removal vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/132887"
},
{
"title": "Multiple Foscam Product path traversal vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81884"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12144"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007981"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-497"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-136862"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007981"
},
{
"db": "NVD",
"id": "CVE-2018-6830"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://blog.vdoo.com/2018/06/06/vdoo-has-found-major-vulnerabilities-in-foscam-cameras/"
},
{
"trust": 1.7,
"url": "https://www.foscam.com/company/securing-your-foscam-camera-important-notice.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6830"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6830"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12144"
},
{
"db": "VULHUB",
"id": "VHN-136862"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007981"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-497"
},
{
"db": "NVD",
"id": "CVE-2018-6830"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-12144"
},
{
"db": "VULHUB",
"id": "VHN-136862"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007981"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-497"
},
{
"db": "NVD",
"id": "CVE-2018-6830"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12144"
},
{
"date": "2018-07-09T00:00:00",
"db": "VULHUB",
"id": "VHN-136862"
},
{
"date": "2018-10-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-007981"
},
{
"date": "2018-07-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-497"
},
{
"date": "2018-07-09T17:29:00.213000",
"db": "NVD",
"id": "CVE-2018-6830"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12144"
},
{
"date": "2018-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-136862"
},
{
"date": "2018-10-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-007981"
},
{
"date": "2018-07-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-497"
},
{
"date": "2024-11-21T04:11:15.567000",
"db": "NVD",
"id": "CVE-2018-6830"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-497"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Foscam Camera Path traversal vulnerability in product firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-007981"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-497"
}
],
"trust": 0.6
}
}
VAR-201809-0073
Vulnerability from variot - Updated: 2024-11-23 22:06An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 can allow for a user to retrieve sensitive information without authentication. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. An information disclosure vulnerability exists in FoscamC1IndoorHDCamera
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0073",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "2.52.2.43"
},
{
"model": "system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.9.3.18"
},
{
"model": "indoor ip camera c1 plug-in",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "3.3.0.26"
},
{
"model": "indoor ip camera c1 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.52.2.43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34266"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014280"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-759"
},
{
"db": "NVD",
"id": "CVE-2017-2874"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014280"
}
]
},
"cve": "CVE-2017-2874",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-2874",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-34266",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-111077",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2874",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2874",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2874",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2874",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2874",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34266",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-759",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111077",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-2874",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34266"
},
{
"db": "VULHUB",
"id": "VHN-111077"
},
{
"db": "VULMON",
"id": "CVE-2017-2874"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014280"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-759"
},
{
"db": "NVD",
"id": "CVE-2017-2874"
},
{
"db": "NVD",
"id": "CVE-2017-2874"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 can allow for a user to retrieve sensitive information without authentication. FoscamC1IndoorHDCamera is a wireless HD IP camera from China Foscam. An information disclosure vulnerability exists in FoscamC1IndoorHDCamera",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2874"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014280"
},
{
"db": "CNVD",
"id": "CNVD-2017-34266"
},
{
"db": "VULHUB",
"id": "VHN-111077"
},
{
"db": "VULMON",
"id": "CVE-2017-2874"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2874",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2017-0381",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014280",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-759",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34266",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-96854",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111077",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-2874",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34266"
},
{
"db": "VULHUB",
"id": "VHN-111077"
},
{
"db": "VULMON",
"id": "CVE-2017-2874"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014280"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-759"
},
{
"db": "NVD",
"id": "CVE-2017-2874"
}
]
},
"id": "VAR-201809-0073",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34266"
},
{
"db": "VULHUB",
"id": "VHN-111077"
}
],
"trust": 1.6761904666666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34266"
}
]
},
"last_update_date": "2024-11-23T22:06:37.786000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.foscam.com/downloads/index.html"
},
{
"title": "FoscamIPVideoCamera Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106252"
},
{
"title": "Foscam C1 Indoor HD Camera Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84928"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34266"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014280"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-759"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111077"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014280"
},
{
"db": "NVD",
"id": "CVE-2017-2874"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0381"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2874"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2874"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0381"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34266"
},
{
"db": "VULHUB",
"id": "VHN-111077"
},
{
"db": "VULMON",
"id": "CVE-2017-2874"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014280"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-759"
},
{
"db": "NVD",
"id": "CVE-2017-2874"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-34266"
},
{
"db": "VULHUB",
"id": "VHN-111077"
},
{
"db": "VULMON",
"id": "CVE-2017-2874"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014280"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-759"
},
{
"db": "NVD",
"id": "CVE-2017-2874"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34266"
},
{
"date": "2018-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-111077"
},
{
"date": "2018-09-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-2874"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014280"
},
{
"date": "2018-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-759"
},
{
"date": "2018-09-17T18:29:00.263000",
"db": "NVD",
"id": "CVE-2017-2874"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34266"
},
{
"date": "2018-11-20T00:00:00",
"db": "VULHUB",
"id": "VHN-111077"
},
{
"date": "2022-06-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-2874"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014280"
},
{
"date": "2022-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-759"
},
{
"date": "2024-11-21T03:24:22.197000",
"db": "NVD",
"id": "CVE-2017-2874"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-759"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C1 Indoor HD Camera Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014280"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-759"
}
],
"trust": 0.6
}
}
CVE-2017-7648 (GCVE-0-2017-7648)
Vulnerability from nvd – Published: 2017-04-10 19:00 – Updated: 2024-09-16 20:02
VLAI?
Summary
Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:12:27.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/archive/1/540388/30/0/threaded",
"refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-7648",
"datePublished": "2017-04-10T19:00:00Z",
"dateReserved": "2017-04-10T00:00:00Z",
"dateUpdated": "2024-09-16T20:02:45.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7648 (GCVE-0-2017-7648)
Vulnerability from cvelistv5 – Published: 2017-04-10 19:00 – Updated: 2024-09-16 20:02
VLAI?
Summary
Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:12:27.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/archive/1/540388/30/0/threaded",
"refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-7648",
"datePublished": "2017-04-10T19:00:00Z",
"dateReserved": "2017-04-10T00:00:00Z",
"dateUpdated": "2024-09-16T20:02:45.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}