Find a vulnerability
Search criteria
20 vulnerabilities by opticam
VAR-201811-0737
Vulnerability from variot - Updated: 2024-11-23 23:11An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP and RTSP services make it easier for attackers to conduct brute-force authentication attacks, because failed-authentication limits apply only to HTTP (not FTP or RTSP). Foscam C2 Device and Opticam i5 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). A violent authentication attack vulnerability exists in the FoscamC2 and Opticami5 devices, which can be exploited by remote attackers to enforce brute force attacks. Security vulnerabilities exist in Foscam C2 and Opticam i5 devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0737",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c2 system",
"scope": "eq",
"trust": 2.4,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "i5 application",
"scope": "eq",
"trust": 1.8,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 1.8,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04042"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011672"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-153"
},
{
"db": "NVD",
"id": "CVE-2018-19076"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011672"
}
]
},
"cve": "CVE-2018-19076",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19076",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-04042",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-129699",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19076",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19076",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-19076",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-04042",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-153",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-129699",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04042"
},
{
"db": "VULHUB",
"id": "VHN-129699"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011672"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-153"
},
{
"db": "NVD",
"id": "CVE-2018-19076"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP and RTSP services make it easier for attackers to conduct brute-force authentication attacks, because failed-authentication limits apply only to HTTP (not FTP or RTSP). Foscam C2 Device and Opticam i5 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). A violent authentication attack vulnerability exists in the FoscamC2 and Opticami5 devices, which can be exploited by remote attackers to enforce brute force attacks. Security vulnerabilities exist in Foscam C2 and Opticam i5 devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19076"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011672"
},
{
"db": "CNVD",
"id": "CNVD-2019-04042"
},
{
"db": "VULHUB",
"id": "VHN-129699"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19076",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011672",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-153",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04042",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129699",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04042"
},
{
"db": "VULHUB",
"id": "VHN-129699"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011672"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-153"
},
{
"db": "NVD",
"id": "CVE-2018-19076"
}
]
},
"id": "VAR-201811-0737",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04042"
},
{
"db": "VULHUB",
"id": "VHN-129699"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04042"
}
]
},
"last_update_date": "2024-11-23T23:11:58.160000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011672"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129699"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011672"
},
{
"db": "NVD",
"id": "CVE-2018-19076"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19076"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19076"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04042"
},
{
"db": "VULHUB",
"id": "VHN-129699"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011672"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-153"
},
{
"db": "NVD",
"id": "CVE-2018-19076"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04042"
},
{
"db": "VULHUB",
"id": "VHN-129699"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011672"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-153"
},
{
"db": "NVD",
"id": "CVE-2018-19076"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04042"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129699"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011672"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-153"
},
{
"date": "2018-11-07T18:29:05.070000",
"db": "NVD",
"id": "CVE-2018-19076"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04042"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-129699"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011672"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-153"
},
{
"date": "2024-11-21T03:57:17.287000",
"db": "NVD",
"id": "CVE-2018-19076"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-153"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011672"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-153"
}
],
"trust": 0.6
}
}
VAR-201811-0821
Vulnerability from variot - Updated: 2024-11-23 23:11An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ftpuser1 account has a blank password, which cannot be changed. Foscam C2 Device and Opticam i5 The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). An encryption vulnerability exists in the FoscamC2 and Opticami5 devices. The vulnerability stems from the use of a null password (not modifiable) on the ftpuser1 account, which an attacker can use to control the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0821",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04048"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011649"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-141"
},
{
"db": "NVD",
"id": "CVE-2018-19064"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011649"
}
]
},
"cve": "CVE-2018-19064",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19064",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-04048",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-129686",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19064",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19064",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-19064",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-04048",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-141",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-129686",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-19064",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04048"
},
{
"db": "VULHUB",
"id": "VHN-129686"
},
{
"db": "VULMON",
"id": "CVE-2018-19064"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011649"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-141"
},
{
"db": "NVD",
"id": "CVE-2018-19064"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ftpuser1 account has a blank password, which cannot be changed. Foscam C2 Device and Opticam i5 The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). An encryption vulnerability exists in the FoscamC2 and Opticami5 devices. The vulnerability stems from the use of a null password (not modifiable) on the ftpuser1 account, which an attacker can use to control the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19064"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011649"
},
{
"db": "CNVD",
"id": "CNVD-2019-04048"
},
{
"db": "VULHUB",
"id": "VHN-129686"
},
{
"db": "VULMON",
"id": "CVE-2018-19064"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19064",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011649",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-04048",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201811-141",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129686",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-19064",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04048"
},
{
"db": "VULHUB",
"id": "VHN-129686"
},
{
"db": "VULMON",
"id": "CVE-2018-19064"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011649"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-141"
},
{
"db": "NVD",
"id": "CVE-2018-19064"
}
]
},
"id": "VAR-201811-0821",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04048"
},
{
"db": "VULHUB",
"id": "VHN-129686"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04048"
}
]
},
"last_update_date": "2024-11-23T23:11:57.987000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011649"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-521",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129686"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011649"
},
{
"db": "NVD",
"id": "CVE-2018-19064"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19064"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19064"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/521.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04048"
},
{
"db": "VULHUB",
"id": "VHN-129686"
},
{
"db": "VULMON",
"id": "CVE-2018-19064"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011649"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-141"
},
{
"db": "NVD",
"id": "CVE-2018-19064"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04048"
},
{
"db": "VULHUB",
"id": "VHN-129686"
},
{
"db": "VULMON",
"id": "CVE-2018-19064"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011649"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-141"
},
{
"db": "NVD",
"id": "CVE-2018-19064"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04048"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129686"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19064"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011649"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-141"
},
{
"date": "2018-11-07T18:29:00.803000",
"db": "NVD",
"id": "CVE-2018-19064"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04048"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-129686"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19064"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011649"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-141"
},
{
"date": "2024-11-21T03:57:15.433000",
"db": "NVD",
"id": "CVE-2018-19064"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-141"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 Vulnerabilities related to certificate and password management in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011649"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-141"
}
],
"trust": 0.6
}
}
VAR-201811-0732
Vulnerability from variot - Updated: 2024-11-23 23:08An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the commands executed at system start-up. Foscam C2 Device and Opticam i5 Devices have vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). Security vulnerabilities exist in Foscam C2 and Opticam i5 devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0732",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04050"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011690"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-148"
},
{
"db": "NVD",
"id": "CVE-2018-19071"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011690"
}
]
},
"cve": "CVE-2018-19071",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19071",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2019-04050",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-129694",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-19071",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19071",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-19071",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-04050",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-148",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-129694",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-19071",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04050"
},
{
"db": "VULHUB",
"id": "VHN-129694"
},
{
"db": "VULMON",
"id": "CVE-2018-19071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011690"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-148"
},
{
"db": "NVD",
"id": "CVE-2018-19071"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the commands executed at system start-up. Foscam C2 Device and Opticam i5 Devices have vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). Security vulnerabilities exist in Foscam C2 and Opticam i5 devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011690"
},
{
"db": "CNVD",
"id": "CNVD-2019-04050"
},
{
"db": "VULHUB",
"id": "VHN-129694"
},
{
"db": "VULMON",
"id": "CVE-2018-19071"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19071",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011690",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-148",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04050",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129694",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-19071",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04050"
},
{
"db": "VULHUB",
"id": "VHN-129694"
},
{
"db": "VULMON",
"id": "CVE-2018-19071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011690"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-148"
},
{
"db": "NVD",
"id": "CVE-2018-19071"
}
]
},
"id": "VAR-201811-0732",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04050"
},
{
"db": "VULHUB",
"id": "VHN-129694"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04050"
}
]
},
"last_update_date": "2024-11-23T23:08:32.904000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011690"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129694"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011690"
},
{
"db": "NVD",
"id": "CVE-2018-19071"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19071"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19071"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/732.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04050"
},
{
"db": "VULHUB",
"id": "VHN-129694"
},
{
"db": "VULMON",
"id": "CVE-2018-19071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011690"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-148"
},
{
"db": "NVD",
"id": "CVE-2018-19071"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04050"
},
{
"db": "VULHUB",
"id": "VHN-129694"
},
{
"db": "VULMON",
"id": "CVE-2018-19071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011690"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-148"
},
{
"db": "NVD",
"id": "CVE-2018-19071"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04050"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129694"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19071"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011690"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-148"
},
{
"date": "2018-11-07T18:29:03.397000",
"db": "NVD",
"id": "CVE-2018-19071"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04050"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-129694"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19071"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011690"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-148"
},
{
"date": "2024-11-21T03:57:16.513000",
"db": "NVD",
"id": "CVE-2018-19071"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-148"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 Vulnerabilities related to authorization, authority, and access control in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011690"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-148"
}
],
"trust": 0.6
}
}
VAR-201811-0731
Vulnerability from variot - Updated: 2024-11-23 23:04An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow remote attackers to execute arbitrary OS commands via shell metacharacters in the usrName parameter of a CGIProxy.fcgi addAccount action. Foscam C2 Device and Opticam i5 The device includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). An operating system command injection vulnerability exists in the FoscamC2 and Opticami5 devices. Security vulnerabilities exist in Foscam C2 and Opticam i5 devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0731",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04051"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011691"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-147"
},
{
"db": "NVD",
"id": "CVE-2018-19070"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011691"
}
]
},
"cve": "CVE-2018-19070",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2018-19070",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2019-04051",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-129693",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2018-19070",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19070",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-19070",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-04051",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-147",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-129693",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04051"
},
{
"db": "VULHUB",
"id": "VHN-129693"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011691"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-147"
},
{
"db": "NVD",
"id": "CVE-2018-19070"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow remote attackers to execute arbitrary OS commands via shell metacharacters in the usrName parameter of a CGIProxy.fcgi addAccount action. Foscam C2 Device and Opticam i5 The device includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). An operating system command injection vulnerability exists in the FoscamC2 and Opticami5 devices. Security vulnerabilities exist in Foscam C2 and Opticam i5 devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19070"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011691"
},
{
"db": "CNVD",
"id": "CNVD-2019-04051"
},
{
"db": "VULHUB",
"id": "VHN-129693"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19070",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011691",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-147",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04051",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129693",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04051"
},
{
"db": "VULHUB",
"id": "VHN-129693"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011691"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-147"
},
{
"db": "NVD",
"id": "CVE-2018-19070"
}
]
},
"id": "VAR-201811-0731",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04051"
},
{
"db": "VULHUB",
"id": "VHN-129693"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04051"
}
]
},
"last_update_date": "2024-11-23T23:04:56.264000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011691"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129693"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011691"
},
{
"db": "NVD",
"id": "CVE-2018-19070"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19070"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19070"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04051"
},
{
"db": "VULHUB",
"id": "VHN-129693"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011691"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-147"
},
{
"db": "NVD",
"id": "CVE-2018-19070"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04051"
},
{
"db": "VULHUB",
"id": "VHN-129693"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011691"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-147"
},
{
"db": "NVD",
"id": "CVE-2018-19070"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04051"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129693"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011691"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-147"
},
{
"date": "2018-11-07T18:29:02.773000",
"db": "NVD",
"id": "CVE-2018-19070"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04051"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-129693"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011691"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-147"
},
{
"date": "2024-11-21T03:57:16.350000",
"db": "NVD",
"id": "CVE-2018-19070"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-147"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 In the device OS Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011691"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-147"
}
],
"trust": 0.6
}
}
VAR-201811-0740
Vulnerability from variot - Updated: 2024-11-23 23:01An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot. Foscam Opticam i5 There is an input validation vulnerability in the device system firmware and application firmware.Service operation interruption (DoS) There is a possibility of being put into a state. FoscamOpticami5 is an IP camera from Foscom (FOSCAM). This vulnerability could be exploited by an unauthenticated attacker to cause a device reboot
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0740",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 application",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c2 system",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "opticam i5 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
},
{
"model": "opticam i5 system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22819"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011914"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-156"
},
{
"db": "NVD",
"id": "CVE-2018-19079"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011914"
}
]
},
"cve": "CVE-2018-19079",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19079",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-22819",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-129702",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19079",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19079",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-19079",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-22819",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-156",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-129702",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22819"
},
{
"db": "VULHUB",
"id": "VHN-129702"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011914"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-156"
},
{
"db": "NVD",
"id": "CVE-2018-19079"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot. Foscam Opticam i5 There is an input validation vulnerability in the device system firmware and application firmware.Service operation interruption (DoS) There is a possibility of being put into a state. FoscamOpticami5 is an IP camera from Foscom (FOSCAM). This vulnerability could be exploited by an unauthenticated attacker to cause a device reboot",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19079"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011914"
},
{
"db": "CNVD",
"id": "CNVD-2018-22819"
},
{
"db": "VULHUB",
"id": "VHN-129702"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19079",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011914",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-156",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-22819",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129702",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22819"
},
{
"db": "VULHUB",
"id": "VHN-129702"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011914"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-156"
},
{
"db": "NVD",
"id": "CVE-2018-19079"
}
]
},
"id": "VAR-201811-0740",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22819"
},
{
"db": "VULHUB",
"id": "VHN-129702"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22819"
}
]
},
"last_update_date": "2024-11-23T23:01:59.062000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011914"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.1
},
{
"problemtype": "CWE-862",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129702"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011914"
},
{
"db": "NVD",
"id": "CVE-2018-19079"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19079"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19079"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22819"
},
{
"db": "VULHUB",
"id": "VHN-129702"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011914"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-156"
},
{
"db": "NVD",
"id": "CVE-2018-19079"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-22819"
},
{
"db": "VULHUB",
"id": "VHN-129702"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011914"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-156"
},
{
"db": "NVD",
"id": "CVE-2018-19079"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22819"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129702"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011914"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-156"
},
{
"date": "2018-11-07T18:29:06.353000",
"db": "NVD",
"id": "CVE-2018-19079"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22819"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-129702"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011914"
},
{
"date": "2020-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-156"
},
{
"date": "2024-11-21T03:57:17.780000",
"db": "NVD",
"id": "CVE-2018-19079"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-156"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam Opticam i5 Vulnerability related to input verification in device system firmware and application firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011914"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-156"
}
],
"trust": 0.6
}
}
VAR-201811-0824
Vulnerability from variot - Updated: 2024-11-23 23:01An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~ account. Foscam C2 Device and Opticam i5 The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). A hard-coded password vulnerability exists in FoscamC2 and Opticami5 devices. The vulnerability stems from the use of hard-coded passwords in the factory account (Ak47@99), which can be exploited by attackers to control devices. An attacker could exploit this vulnerability to take control of the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0824",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04052"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011652"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-144"
},
{
"db": "NVD",
"id": "CVE-2018-19067"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011652"
}
]
},
"cve": "CVE-2018-19067",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19067",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-04052",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-129689",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19067",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19067",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-19067",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-04052",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-144",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-129689",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-19067",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04052"
},
{
"db": "VULHUB",
"id": "VHN-129689"
},
{
"db": "VULMON",
"id": "CVE-2018-19067"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011652"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-144"
},
{
"db": "NVD",
"id": "CVE-2018-19067"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~ account. Foscam C2 Device and Opticam i5 The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). A hard-coded password vulnerability exists in FoscamC2 and Opticami5 devices. The vulnerability stems from the use of hard-coded passwords in the factory account (Ak47@99), which can be exploited by attackers to control devices. An attacker could exploit this vulnerability to take control of the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19067"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011652"
},
{
"db": "CNVD",
"id": "CNVD-2019-04052"
},
{
"db": "VULHUB",
"id": "VHN-129689"
},
{
"db": "VULMON",
"id": "CVE-2018-19067"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19067",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011652",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-144",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04052",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129689",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-19067",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04052"
},
{
"db": "VULHUB",
"id": "VHN-129689"
},
{
"db": "VULMON",
"id": "CVE-2018-19067"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011652"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-144"
},
{
"db": "NVD",
"id": "CVE-2018-19067"
}
]
},
"id": "VAR-201811-0824",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04052"
},
{
"db": "VULHUB",
"id": "VHN-129689"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04052"
}
]
},
"last_update_date": "2024-11-23T23:01:58.960000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011652"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129689"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011652"
},
{
"db": "NVD",
"id": "CVE-2018-19067"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19067"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19067"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04052"
},
{
"db": "VULHUB",
"id": "VHN-129689"
},
{
"db": "VULMON",
"id": "CVE-2018-19067"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011652"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-144"
},
{
"db": "NVD",
"id": "CVE-2018-19067"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04052"
},
{
"db": "VULHUB",
"id": "VHN-129689"
},
{
"db": "VULMON",
"id": "CVE-2018-19067"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011652"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-144"
},
{
"db": "NVD",
"id": "CVE-2018-19067"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04052"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129689"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19067"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011652"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-144"
},
{
"date": "2018-11-07T18:29:01.837000",
"db": "NVD",
"id": "CVE-2018-19067"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04052"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-129689"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19067"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011652"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-144"
},
{
"date": "2024-11-21T03:57:15.880000",
"db": "NVD",
"id": "CVE-2018-19067"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-144"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 Vulnerabilities related to the use of hard-coded credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011652"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-144"
}
],
"trust": 0.6
}
}
VAR-201811-0743
Vulnerability from variot - Updated: 2024-11-23 22:55An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field. Foscam Opticam i5 A buffer error vulnerability exists in the device system firmware and application firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamOpticami5 is an IP camera from Foscom (FOSCAM)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0743",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 application",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c2 system",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "opticam i5 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
},
{
"model": "opticam i5 system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22822"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011910"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-159"
},
{
"db": "NVD",
"id": "CVE-2018-19082"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011910"
}
]
},
"cve": "CVE-2018-19082",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19082",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-22822",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-129706",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19082",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19082",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-19082",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-22822",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-159",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-129706",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22822"
},
{
"db": "VULHUB",
"id": "VHN-129706"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011910"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-159"
},
{
"db": "NVD",
"id": "CVE-2018-19082"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field. Foscam Opticam i5 A buffer error vulnerability exists in the device system firmware and application firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamOpticami5 is an IP camera from Foscom (FOSCAM)",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19082"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011910"
},
{
"db": "CNVD",
"id": "CNVD-2018-22822"
},
{
"db": "VULHUB",
"id": "VHN-129706"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19082",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011910",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-159",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-22822",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129706",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22822"
},
{
"db": "VULHUB",
"id": "VHN-129706"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011910"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-159"
},
{
"db": "NVD",
"id": "CVE-2018-19082"
}
]
},
"id": "VAR-201811-0743",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22822"
},
{
"db": "VULHUB",
"id": "VHN-129706"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22822"
}
]
},
"last_update_date": "2024-11-23T22:55:42.335000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011910"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129706"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011910"
},
{
"db": "NVD",
"id": "CVE-2018-19082"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19082"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19082"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22822"
},
{
"db": "VULHUB",
"id": "VHN-129706"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011910"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-159"
},
{
"db": "NVD",
"id": "CVE-2018-19082"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-22822"
},
{
"db": "VULHUB",
"id": "VHN-129706"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011910"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-159"
},
{
"db": "NVD",
"id": "CVE-2018-19082"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22822"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129706"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011910"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-159"
},
{
"date": "2018-11-07T18:29:07.727000",
"db": "NVD",
"id": "CVE-2018-19082"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22822"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-129706"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011910"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-159"
},
{
"date": "2024-11-21T03:57:18.253000",
"db": "NVD",
"id": "CVE-2018-19082"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-159"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam Opticam i5 Buffer error vulnerability in device system firmware and application firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011910"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-159"
}
],
"trust": 0.6
}
}
VAR-201811-0735
Vulnerability from variot - Updated: 2024-11-23 22:41An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall has no effect except for blocking port 443 and partially blocking port 88. Foscam C2 Device and Opticam i5 The device contains an access control vulnerability.Information may be tampered with. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). A firewall invalidation vulnerability exists in the FoscamC2 and Opticami5 devices. The vulnerability stems from the firewall blocking only ports 443 and 88, which can be exploited by remote attackers to control devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0735",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04044"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011687"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-151"
},
{
"db": "NVD",
"id": "CVE-2018-19074"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011687"
}
]
},
"cve": "CVE-2018-19074",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19074",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-04044",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-129697",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19074",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19074",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-19074",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-04044",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-151",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-129697",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04044"
},
{
"db": "VULHUB",
"id": "VHN-129697"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011687"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-151"
},
{
"db": "NVD",
"id": "CVE-2018-19074"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall has no effect except for blocking port 443 and partially blocking port 88. Foscam C2 Device and Opticam i5 The device contains an access control vulnerability.Information may be tampered with. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). A firewall invalidation vulnerability exists in the FoscamC2 and Opticami5 devices. The vulnerability stems from the firewall blocking only ports 443 and 88, which can be exploited by remote attackers to control devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19074"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011687"
},
{
"db": "CNVD",
"id": "CNVD-2019-04044"
},
{
"db": "VULHUB",
"id": "VHN-129697"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19074",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011687",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-151",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04044",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129697",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04044"
},
{
"db": "VULHUB",
"id": "VHN-129697"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011687"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-151"
},
{
"db": "NVD",
"id": "CVE-2018-19074"
}
]
},
"id": "VAR-201811-0735",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04044"
},
{
"db": "VULHUB",
"id": "VHN-129697"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04044"
}
]
},
"last_update_date": "2024-11-23T22:41:39.013000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011687"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129697"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011687"
},
{
"db": "NVD",
"id": "CVE-2018-19074"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19074"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19074"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04044"
},
{
"db": "VULHUB",
"id": "VHN-129697"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011687"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-151"
},
{
"db": "NVD",
"id": "CVE-2018-19074"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04044"
},
{
"db": "VULHUB",
"id": "VHN-129697"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011687"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-151"
},
{
"db": "NVD",
"id": "CVE-2018-19074"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04044"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129697"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011687"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-151"
},
{
"date": "2018-11-07T18:29:04.303000",
"db": "NVD",
"id": "CVE-2018-19074"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04044"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-129697"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011687"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-151"
},
{
"date": "2024-11-21T03:57:16.977000",
"db": "NVD",
"id": "CVE-2018-19074"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-151"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 Device access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011687"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-151"
}
],
"trust": 0.6
}
}
VAR-201811-0741
Vulnerability from variot - Updated: 2024-11-23 22:38An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS. FoscamOpticami5 is an IP camera from Foscom (FOSCAM). An unauthenticated attacker can exploit this vulnerability for cross-site scripting attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0741",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 application",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c2 system",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "opticam i5 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
},
{
"model": "opticam i5 system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22820"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011908"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-157"
},
{
"db": "NVD",
"id": "CVE-2018-19080"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011908"
}
]
},
"cve": "CVE-2018-19080",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-19080",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-22820",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-129704",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-19080",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19080",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-19080",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-22820",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-157",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-129704",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22820"
},
{
"db": "VULHUB",
"id": "VHN-129704"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011908"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-157"
},
{
"db": "NVD",
"id": "CVE-2018-19080"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS. FoscamOpticami5 is an IP camera from Foscom (FOSCAM). An unauthenticated attacker can exploit this vulnerability for cross-site scripting attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19080"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011908"
},
{
"db": "CNVD",
"id": "CNVD-2018-22820"
},
{
"db": "VULHUB",
"id": "VHN-129704"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19080",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011908",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-157",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-22820",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129704",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22820"
},
{
"db": "VULHUB",
"id": "VHN-129704"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011908"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-157"
},
{
"db": "NVD",
"id": "CVE-2018-19080"
}
]
},
"id": "VAR-201811-0741",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22820"
},
{
"db": "VULHUB",
"id": "VHN-129704"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22820"
}
]
},
"last_update_date": "2024-11-23T22:38:01.678000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011908"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129704"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011908"
},
{
"db": "NVD",
"id": "CVE-2018-19080"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19080"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19080"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22820"
},
{
"db": "VULHUB",
"id": "VHN-129704"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011908"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-157"
},
{
"db": "NVD",
"id": "CVE-2018-19080"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-22820"
},
{
"db": "VULHUB",
"id": "VHN-129704"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011908"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-157"
},
{
"db": "NVD",
"id": "CVE-2018-19080"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22820"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129704"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011908"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-157"
},
{
"date": "2018-11-07T18:29:06.807000",
"db": "NVD",
"id": "CVE-2018-19080"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22820"
},
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-129704"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011908"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-157"
},
{
"date": "2024-11-21T03:57:17.940000",
"db": "NVD",
"id": "CVE-2018-19080"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-157"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam Opticam i5 Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22820"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-157"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-157"
}
],
"trust": 0.6
}
}
VAR-201811-0825
Vulnerability from variot - Updated: 2024-11-23 22:37An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials. FoscamOptiCami5 is an IP camera from China Foscam. There are security vulnerabilities in FoscamOpticami5deviceswithSystemFirmware1.5.2.11 and ApplicationFirmware2.21.1.128. An attacker could exploit this vulnerability to control the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0825",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 application",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c2 system",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "opticam i5 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
},
{
"model": "opticam i5 system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011913"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-145"
},
{
"db": "NVD",
"id": "CVE-2018-19068"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011913"
}
]
},
"cve": "CVE-2018-19068",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2018-19068",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-22816",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-129690",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"id": "CVE-2018-19068",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19068",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-19068",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-22816",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-145",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-129690",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22816"
},
{
"db": "VULHUB",
"id": "VHN-129690"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011913"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-145"
},
{
"db": "NVD",
"id": "CVE-2018-19068"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials. FoscamOptiCami5 is an IP camera from China Foscam. There are security vulnerabilities in FoscamOpticami5deviceswithSystemFirmware1.5.2.11 and ApplicationFirmware2.21.1.128. An attacker could exploit this vulnerability to control the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19068"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011913"
},
{
"db": "CNVD",
"id": "CNVD-2018-22816"
},
{
"db": "VULHUB",
"id": "VHN-129690"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19068",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011913",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-145",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-22816",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129690",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22816"
},
{
"db": "VULHUB",
"id": "VHN-129690"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011913"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-145"
},
{
"db": "NVD",
"id": "CVE-2018-19068"
}
]
},
"id": "VAR-201811-0825",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22816"
},
{
"db": "VULHUB",
"id": "VHN-129690"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22816"
}
]
},
"last_update_date": "2024-11-23T22:37:58.017000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011913"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129690"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011913"
},
{
"db": "NVD",
"id": "CVE-2018-19068"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19068"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19068"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22816"
},
{
"db": "VULHUB",
"id": "VHN-129690"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011913"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-145"
},
{
"db": "NVD",
"id": "CVE-2018-19068"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-22816"
},
{
"db": "VULHUB",
"id": "VHN-129690"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011913"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-145"
},
{
"db": "NVD",
"id": "CVE-2018-19068"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22816"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129690"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011913"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-145"
},
{
"date": "2018-11-07T18:29:02.100000",
"db": "NVD",
"id": "CVE-2018-19068"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22816"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-129690"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011913"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-145"
},
{
"date": "2024-11-21T03:57:16.030000",
"db": "NVD",
"id": "CVE-2018-19068"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-145"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam Opticam i5 Vulnerabilities related to security functions in device system firmware and application firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011913"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-145"
}
],
"trust": 0.6
}
}
VAR-201811-0733
Vulnerability from variot - Updated: 2024-11-23 22:30An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file (within that directory) to control what is extracted to RAM at boot time. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). An archive file replacement vulnerability exists in FoscamC2 and Opticami5 devices that can be exploited by local attackers to replace archived files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0733",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04046"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011689"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-149"
},
{
"db": "NVD",
"id": "CVE-2018-19072"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011689"
}
]
},
"cve": "CVE-2018-19072",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19072",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2019-04046",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-129695",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2018-19072",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19072",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-19072",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-04046",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-149",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-129695",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04046"
},
{
"db": "VULHUB",
"id": "VHN-129695"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011689"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-149"
},
{
"db": "NVD",
"id": "CVE-2018-19072"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file (within that directory) to control what is extracted to RAM at boot time. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). An archive file replacement vulnerability exists in FoscamC2 and Opticami5 devices that can be exploited by local attackers to replace archived files",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19072"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011689"
},
{
"db": "CNVD",
"id": "CNVD-2019-04046"
},
{
"db": "VULHUB",
"id": "VHN-129695"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19072",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011689",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-149",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04046",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129695",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04046"
},
{
"db": "VULHUB",
"id": "VHN-129695"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011689"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-149"
},
{
"db": "NVD",
"id": "CVE-2018-19072"
}
]
},
"id": "VAR-201811-0733",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04046"
},
{
"db": "VULHUB",
"id": "VHN-129695"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04046"
}
]
},
"last_update_date": "2024-11-23T22:30:11.210000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011689"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129695"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011689"
},
{
"db": "NVD",
"id": "CVE-2018-19072"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19072"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19072"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04046"
},
{
"db": "VULHUB",
"id": "VHN-129695"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011689"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-149"
},
{
"db": "NVD",
"id": "CVE-2018-19072"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04046"
},
{
"db": "VULHUB",
"id": "VHN-129695"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011689"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-149"
},
{
"db": "NVD",
"id": "CVE-2018-19072"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04046"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129695"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011689"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-149"
},
{
"date": "2018-11-07T18:29:03.697000",
"db": "NVD",
"id": "CVE-2018-19072"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04046"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-129695"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011689"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-149"
},
{
"date": "2024-11-21T03:57:16.663000",
"db": "NVD",
"id": "CVE-2018-19072"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-149"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 Vulnerabilities related to authorization, authority, and access control in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011689"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-149"
}
],
"trust": 0.6
}
}
VAR-201811-0738
Vulnerability from variot - Updated: 2024-11-23 22:26An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. RtspServer allows remote attackers to cause a denial of service (daemon hang or restart) via a negative integer in the RTSP Content-Length header. FoscamOpticami5 is an IP camera from Foscom (FOSCAM)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0738",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 application",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c2 system",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "opticam i5 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
},
{
"model": "opticam i5 system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22817"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011912"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-154"
},
{
"db": "NVD",
"id": "CVE-2018-19077"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011912"
}
]
},
"cve": "CVE-2018-19077",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19077",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-22817",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-129700",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19077",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19077",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-19077",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-22817",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-154",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-129700",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-19077",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22817"
},
{
"db": "VULHUB",
"id": "VHN-129700"
},
{
"db": "VULMON",
"id": "CVE-2018-19077"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011912"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-154"
},
{
"db": "NVD",
"id": "CVE-2018-19077"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. RtspServer allows remote attackers to cause a denial of service (daemon hang or restart) via a negative integer in the RTSP Content-Length header. FoscamOpticami5 is an IP camera from Foscom (FOSCAM)",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19077"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011912"
},
{
"db": "CNVD",
"id": "CNVD-2018-22817"
},
{
"db": "VULHUB",
"id": "VHN-129700"
},
{
"db": "VULMON",
"id": "CVE-2018-19077"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19077",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011912",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-154",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-22817",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129700",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-19077",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22817"
},
{
"db": "VULHUB",
"id": "VHN-129700"
},
{
"db": "VULMON",
"id": "CVE-2018-19077"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011912"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-154"
},
{
"db": "NVD",
"id": "CVE-2018-19077"
}
]
},
"id": "VAR-201811-0738",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22817"
},
{
"db": "VULHUB",
"id": "VHN-129700"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22817"
}
]
},
"last_update_date": "2024-11-23T22:26:06.942000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
},
{
"title": "https://github.com/Samsung/cotopaxi",
"trust": 0.1,
"url": "https://github.com/Samsung/cotopaxi "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-19077"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011912"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129700"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011912"
},
{
"db": "NVD",
"id": "CVE-2018-19077"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19077"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19077"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/samsung/cotopaxi"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22817"
},
{
"db": "VULHUB",
"id": "VHN-129700"
},
{
"db": "VULMON",
"id": "CVE-2018-19077"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011912"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-154"
},
{
"db": "NVD",
"id": "CVE-2018-19077"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-22817"
},
{
"db": "VULHUB",
"id": "VHN-129700"
},
{
"db": "VULMON",
"id": "CVE-2018-19077"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011912"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-154"
},
{
"db": "NVD",
"id": "CVE-2018-19077"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22817"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129700"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19077"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011912"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-154"
},
{
"date": "2018-11-07T18:29:05.383000",
"db": "NVD",
"id": "CVE-2018-19077"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22817"
},
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-129700"
},
{
"date": "2018-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19077"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011912"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-154"
},
{
"date": "2024-11-21T03:57:17.447000",
"db": "NVD",
"id": "CVE-2018-19077"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-154"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam Opticam i5 Out-of-bounds reading vulnerability in device system firmware and application firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011912"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-154"
}
],
"trust": 0.6
}
}
VAR-201811-0820
Vulnerability from variot - Updated: 2024-11-23 22:26An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password. Foscam C2 Devices and Opticam i5 The device is vulnerable to the use of hard-coded credentials.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). The vulnerability stems from the use of a null password in the admin account, which an attacker can use to control the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0820",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04049"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011648"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-140"
},
{
"db": "NVD",
"id": "CVE-2018-19063"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011648"
}
]
},
"cve": "CVE-2018-19063",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19063",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-04049",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-129685",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19063",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19063",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-19063",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-04049",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-140",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-129685",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-19063",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04049"
},
{
"db": "VULHUB",
"id": "VHN-129685"
},
{
"db": "VULMON",
"id": "CVE-2018-19063"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011648"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-140"
},
{
"db": "NVD",
"id": "CVE-2018-19063"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password. Foscam C2 Devices and Opticam i5 The device is vulnerable to the use of hard-coded credentials.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). The vulnerability stems from the use of a null password in the admin account, which an attacker can use to control the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19063"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011648"
},
{
"db": "CNVD",
"id": "CNVD-2019-04049"
},
{
"db": "VULHUB",
"id": "VHN-129685"
},
{
"db": "VULMON",
"id": "CVE-2018-19063"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19063",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011648",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-04049",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201811-140",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129685",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-19063",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04049"
},
{
"db": "VULHUB",
"id": "VHN-129685"
},
{
"db": "VULMON",
"id": "CVE-2018-19063"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011648"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-140"
},
{
"db": "NVD",
"id": "CVE-2018-19063"
}
]
},
"id": "VAR-201811-0820",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04049"
},
{
"db": "VULHUB",
"id": "VHN-129685"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04049"
}
]
},
"last_update_date": "2024-11-23T22:26:06.867000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011648"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129685"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011648"
},
{
"db": "NVD",
"id": "CVE-2018-19063"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19063"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19063"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04049"
},
{
"db": "VULHUB",
"id": "VHN-129685"
},
{
"db": "VULMON",
"id": "CVE-2018-19063"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011648"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-140"
},
{
"db": "NVD",
"id": "CVE-2018-19063"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04049"
},
{
"db": "VULHUB",
"id": "VHN-129685"
},
{
"db": "VULMON",
"id": "CVE-2018-19063"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011648"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-140"
},
{
"db": "NVD",
"id": "CVE-2018-19063"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04049"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129685"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19063"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011648"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-140"
},
{
"date": "2018-11-07T18:29:00.523000",
"db": "NVD",
"id": "CVE-2018-19063"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04049"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-129685"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19063"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011648"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-140"
},
{
"date": "2024-11-21T03:57:15.283000",
"db": "NVD",
"id": "CVE-2018-19063"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-140"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Devices and Opticam i5 Vulnerability in using hard-coded credentials on device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011648"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-140"
}
],
"trust": 0.6
}
}
VAR-201811-0739
Vulnerability from variot - Updated: 2024-11-23 22:17An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password. Foscam Opticam i5 There are vulnerabilities related to certificate and password management in the system firmware and application firmware of devices.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamOpticami5 is an IP camera from Foscom (FOSCAM)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0739",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 application",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c2 system",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "opticam i5 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
},
{
"model": "opticam i5 system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22818"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011911"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-155"
},
{
"db": "NVD",
"id": "CVE-2018-19078"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011911"
}
]
},
"cve": "CVE-2018-19078",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19078",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-22818",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-129701",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19078",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19078",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-19078",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-22818",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-155",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-129701",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22818"
},
{
"db": "VULHUB",
"id": "VHN-129701"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011911"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-155"
},
{
"db": "NVD",
"id": "CVE-2018-19078"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password. Foscam Opticam i5 There are vulnerabilities related to certificate and password management in the system firmware and application firmware of devices.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamOpticami5 is an IP camera from Foscom (FOSCAM)",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19078"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011911"
},
{
"db": "CNVD",
"id": "CNVD-2018-22818"
},
{
"db": "VULHUB",
"id": "VHN-129701"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19078",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011911",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-155",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-22818",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129701",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22818"
},
{
"db": "VULHUB",
"id": "VHN-129701"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011911"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-155"
},
{
"db": "NVD",
"id": "CVE-2018-19078"
}
]
},
"id": "VAR-201811-0739",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22818"
},
{
"db": "VULHUB",
"id": "VHN-129701"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22818"
}
]
},
"last_update_date": "2024-11-23T22:17:15.431000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011911"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129701"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011911"
},
{
"db": "NVD",
"id": "CVE-2018-19078"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19078"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19078"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22818"
},
{
"db": "VULHUB",
"id": "VHN-129701"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011911"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-155"
},
{
"db": "NVD",
"id": "CVE-2018-19078"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-22818"
},
{
"db": "VULHUB",
"id": "VHN-129701"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011911"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-155"
},
{
"db": "NVD",
"id": "CVE-2018-19078"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22818"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129701"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011911"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-155"
},
{
"date": "2018-11-07T18:29:05.853000",
"db": "NVD",
"id": "CVE-2018-19078"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22818"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-129701"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011911"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-155"
},
{
"date": "2024-11-21T03:57:17.623000",
"db": "NVD",
"id": "CVE-2018-19078"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-155"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam Opticam i5 Vulnerabilities related to certificate and password management in device system firmware and application firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011911"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-155"
}
],
"trust": 0.6
}
}
VAR-201811-0823
Vulnerability from variot - Updated: 2024-11-23 22:17An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift password in some cases. Foscam C2 Device and Opticam i5 The device contains a vulnerability related to the use of hard-coded credentials.Information may be obtained. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). An information disclosure vulnerability exists in the FoscamC2 and Opticami5 devices that originated from the configuration backup file using a hard-coded password (Pxift) that an attacker could use to control the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0823",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011651"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-143"
},
{
"db": "NVD",
"id": "CVE-2018-19066"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011651"
}
]
},
"cve": "CVE-2018-19066",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19066",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-04053",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-129688",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19066",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19066",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-19066",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-04053",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-143",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-129688",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04053"
},
{
"db": "VULHUB",
"id": "VHN-129688"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011651"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-143"
},
{
"db": "NVD",
"id": "CVE-2018-19066"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift* password in some cases. Foscam C2 Device and Opticam i5 The device contains a vulnerability related to the use of hard-coded credentials.Information may be obtained. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). An information disclosure vulnerability exists in the FoscamC2 and Opticami5 devices that originated from the configuration backup file using a hard-coded password (Pxift*) that an attacker could use to control the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19066"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011651"
},
{
"db": "CNVD",
"id": "CNVD-2019-04053"
},
{
"db": "VULHUB",
"id": "VHN-129688"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19066",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011651",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-143",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04053",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129688",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04053"
},
{
"db": "VULHUB",
"id": "VHN-129688"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011651"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-143"
},
{
"db": "NVD",
"id": "CVE-2018-19066"
}
]
},
"id": "VAR-201811-0823",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04053"
},
{
"db": "VULHUB",
"id": "VHN-129688"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04053"
}
]
},
"last_update_date": "2024-11-23T22:17:15.338000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011651"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129688"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011651"
},
{
"db": "NVD",
"id": "CVE-2018-19066"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19066"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19066"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04053"
},
{
"db": "VULHUB",
"id": "VHN-129688"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011651"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-143"
},
{
"db": "NVD",
"id": "CVE-2018-19066"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04053"
},
{
"db": "VULHUB",
"id": "VHN-129688"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011651"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-143"
},
{
"db": "NVD",
"id": "CVE-2018-19066"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04053"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129688"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011651"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-143"
},
{
"date": "2018-11-07T18:29:01.570000",
"db": "NVD",
"id": "CVE-2018-19066"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04053"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-129688"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011651"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-143"
},
{
"date": "2024-11-21T03:57:15.730000",
"db": "NVD",
"id": "CVE-2018-19066"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-143"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 Vulnerabilities related to the use of hard-coded credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011651"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-143"
}
],
"trust": 0.6
}
}
VAR-201811-0736
Vulnerability from variot - Updated: 2024-11-23 22:12An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall feature makes it easier for remote attackers to ascertain credentials and firewall rules because invalid credentials lead to error -2, whereas rule-based blocking leads to error -8. Foscam C2 Device and Opticam i5 The device contains an information disclosure vulnerability.Information may be obtained. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0736",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04043"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011673"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-152"
},
{
"db": "NVD",
"id": "CVE-2018-19075"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011673"
}
]
},
"cve": "CVE-2018-19075",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19075",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-04043",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-129698",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19075",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19075",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-19075",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-04043",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-152",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-129698",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04043"
},
{
"db": "VULHUB",
"id": "VHN-129698"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011673"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-152"
},
{
"db": "NVD",
"id": "CVE-2018-19075"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall feature makes it easier for remote attackers to ascertain credentials and firewall rules because invalid credentials lead to error -2, whereas rule-based blocking leads to error -8. Foscam C2 Device and Opticam i5 The device contains an information disclosure vulnerability.Information may be obtained. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM)",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19075"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011673"
},
{
"db": "CNVD",
"id": "CNVD-2019-04043"
},
{
"db": "VULHUB",
"id": "VHN-129698"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19075",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011673",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-152",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04043",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129698",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04043"
},
{
"db": "VULHUB",
"id": "VHN-129698"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011673"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-152"
},
{
"db": "NVD",
"id": "CVE-2018-19075"
}
]
},
"id": "VAR-201811-0736",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04043"
},
{
"db": "VULHUB",
"id": "VHN-129698"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04043"
}
]
},
"last_update_date": "2024-11-23T22:12:13.427000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011673"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129698"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011673"
},
{
"db": "NVD",
"id": "CVE-2018-19075"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19075"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19075"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04043"
},
{
"db": "VULHUB",
"id": "VHN-129698"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011673"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-152"
},
{
"db": "NVD",
"id": "CVE-2018-19075"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04043"
},
{
"db": "VULHUB",
"id": "VHN-129698"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011673"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-152"
},
{
"db": "NVD",
"id": "CVE-2018-19075"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04043"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129698"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011673"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-152"
},
{
"date": "2018-11-07T18:29:04.697000",
"db": "NVD",
"id": "CVE-2018-19075"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04043"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-129698"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011673"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-152"
},
{
"date": "2024-11-21T03:57:17.123000",
"db": "NVD",
"id": "CVE-2018-19075"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-152"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 Information disclosure vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011673"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-152"
}
],
"trust": 0.6
}
}
VAR-201811-0822
Vulnerability from variot - Updated: 2024-11-23 22:12An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded BpP+2R9*Q password in some cases. Foscam C2 Device and Opticam i5 The device contains a vulnerability related to the use of hard-coded credentials.Information may be obtained. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). An information disclosure vulnerability exists in the FoscamC2 and Opticami5 devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0822",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04054"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011650"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-142"
},
{
"db": "NVD",
"id": "CVE-2018-19065"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011650"
}
]
},
"cve": "CVE-2018-19065",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19065",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-04054",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-129687",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19065",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19065",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-19065",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-04054",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-142",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-129687",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04054"
},
{
"db": "VULHUB",
"id": "VHN-129687"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011650"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-142"
},
{
"db": "NVD",
"id": "CVE-2018-19065"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded BpP+2R9*Q password in some cases. Foscam C2 Device and Opticam i5 The device contains a vulnerability related to the use of hard-coded credentials.Information may be obtained. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). An information disclosure vulnerability exists in the FoscamC2 and Opticami5 devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19065"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011650"
},
{
"db": "CNVD",
"id": "CNVD-2019-04054"
},
{
"db": "VULHUB",
"id": "VHN-129687"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19065",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011650",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-142",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04054",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129687",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04054"
},
{
"db": "VULHUB",
"id": "VHN-129687"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011650"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-142"
},
{
"db": "NVD",
"id": "CVE-2018-19065"
}
]
},
"id": "VAR-201811-0822",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04054"
},
{
"db": "VULHUB",
"id": "VHN-129687"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04054"
}
]
},
"last_update_date": "2024-11-23T22:12:13.012000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011650"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129687"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011650"
},
{
"db": "NVD",
"id": "CVE-2018-19065"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19065"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19065"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04054"
},
{
"db": "VULHUB",
"id": "VHN-129687"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011650"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-142"
},
{
"db": "NVD",
"id": "CVE-2018-19065"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04054"
},
{
"db": "VULHUB",
"id": "VHN-129687"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011650"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-142"
},
{
"db": "NVD",
"id": "CVE-2018-19065"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04054"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129687"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011650"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-142"
},
{
"date": "2018-11-07T18:29:01.180000",
"db": "NVD",
"id": "CVE-2018-19065"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04054"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-129687"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011650"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-142"
},
{
"date": "2024-11-21T03:57:15.583000",
"db": "NVD",
"id": "CVE-2018-19065"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-142"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 Vulnerabilities related to the use of hard-coded credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011650"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-142"
}
],
"trust": 0.6
}
}
VAR-201811-0742
Vulnerability from variot - Updated: 2024-11-23 22:06An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands via the IPv4Address field. Foscam Opticam i5 Device system firmware and application firmware include OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamOpticami5 is an IP camera from Foscom (FOSCAM)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0742",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 application",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "c2 system",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "opticam i5 application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
},
{
"model": "opticam i5 system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22821"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011909"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-158"
},
{
"db": "NVD",
"id": "CVE-2018-19081"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011909"
}
]
},
"cve": "CVE-2018-19081",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19081",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-22821",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-129705",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19081",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19081",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-19081",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-22821",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-158",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-129705",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-19081",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22821"
},
{
"db": "VULHUB",
"id": "VHN-129705"
},
{
"db": "VULMON",
"id": "CVE-2018-19081"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011909"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-158"
},
{
"db": "NVD",
"id": "CVE-2018-19081"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands via the IPv4Address field. Foscam Opticam i5 Device system firmware and application firmware include OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoscamOpticami5 is an IP camera from Foscom (FOSCAM)",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19081"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011909"
},
{
"db": "CNVD",
"id": "CNVD-2018-22821"
},
{
"db": "VULHUB",
"id": "VHN-129705"
},
{
"db": "VULMON",
"id": "CVE-2018-19081"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19081",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011909",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-158",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-22821",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129705",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-19081",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22821"
},
{
"db": "VULHUB",
"id": "VHN-129705"
},
{
"db": "VULMON",
"id": "CVE-2018-19081"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011909"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-158"
},
{
"db": "NVD",
"id": "CVE-2018-19081"
}
]
},
"id": "VAR-201811-0742",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22821"
},
{
"db": "VULHUB",
"id": "VHN-129705"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22821"
}
]
},
"last_update_date": "2024-11-23T22:06:28.111000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011909"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129705"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011909"
},
{
"db": "NVD",
"id": "CVE-2018-19081"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19081"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19081"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-22821"
},
{
"db": "VULHUB",
"id": "VHN-129705"
},
{
"db": "VULMON",
"id": "CVE-2018-19081"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011909"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-158"
},
{
"db": "NVD",
"id": "CVE-2018-19081"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-22821"
},
{
"db": "VULHUB",
"id": "VHN-129705"
},
{
"db": "VULMON",
"id": "CVE-2018-19081"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011909"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-158"
},
{
"db": "NVD",
"id": "CVE-2018-19081"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22821"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129705"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19081"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011909"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-158"
},
{
"date": "2018-11-07T18:29:07.337000",
"db": "NVD",
"id": "CVE-2018-19081"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-22821"
},
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-129705"
},
{
"date": "2018-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19081"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011909"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-158"
},
{
"date": "2024-11-21T03:57:18.090000",
"db": "NVD",
"id": "CVE-2018-19081"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-158"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam Opticam i5 In the system firmware and application firmware of the device OS Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011909"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-158"
}
],
"trust": 0.6
}
}
VAR-201811-0826
Vulnerability from variot - Updated: 2024-11-23 22:06An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user with a password of toor. Foscam C2 Device and Opticam i5 The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). There are security vulnerabilities in the FoscamC2 and Opticami5 devices that an attacker can use to control the telnetd service by sending a specially crafted HTTP request. Security vulnerabilities exist in Foscam C2 and Opticam i5 devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0826",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04047"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011653"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-146"
},
{
"db": "NVD",
"id": "CVE-2018-19069"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011653"
}
]
},
"cve": "CVE-2018-19069",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19069",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-04047",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-129691",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19069",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19069",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-19069",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-04047",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-146",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-129691",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-19069",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04047"
},
{
"db": "VULHUB",
"id": "VHN-129691"
},
{
"db": "VULMON",
"id": "CVE-2018-19069"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011653"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-146"
},
{
"db": "NVD",
"id": "CVE-2018-19069"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user with a password of toor. Foscam C2 Device and Opticam i5 The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). There are security vulnerabilities in the FoscamC2 and Opticami5 devices that an attacker can use to control the telnetd service by sending a specially crafted HTTP request. Security vulnerabilities exist in Foscam C2 and Opticam i5 devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19069"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011653"
},
{
"db": "CNVD",
"id": "CNVD-2019-04047"
},
{
"db": "VULHUB",
"id": "VHN-129691"
},
{
"db": "VULMON",
"id": "CVE-2018-19069"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19069",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011653",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-146",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04047",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129691",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-19069",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04047"
},
{
"db": "VULHUB",
"id": "VHN-129691"
},
{
"db": "VULMON",
"id": "CVE-2018-19069"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011653"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-146"
},
{
"db": "NVD",
"id": "CVE-2018-19069"
}
]
},
"id": "VAR-201811-0826",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04047"
},
{
"db": "VULHUB",
"id": "VHN-129691"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04047"
}
]
},
"last_update_date": "2024-11-23T22:06:28.033000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011653"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129691"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011653"
},
{
"db": "NVD",
"id": "CVE-2018-19069"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19069"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19069"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04047"
},
{
"db": "VULHUB",
"id": "VHN-129691"
},
{
"db": "VULMON",
"id": "CVE-2018-19069"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011653"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-146"
},
{
"db": "NVD",
"id": "CVE-2018-19069"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04047"
},
{
"db": "VULHUB",
"id": "VHN-129691"
},
{
"db": "VULMON",
"id": "CVE-2018-19069"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011653"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-146"
},
{
"db": "NVD",
"id": "CVE-2018-19069"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04047"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129691"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19069"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011653"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-146"
},
{
"date": "2018-11-07T18:29:02.367000",
"db": "NVD",
"id": "CVE-2018-19069"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04047"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-129691"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19069"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011653"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-146"
},
{
"date": "2024-11-21T03:57:16.190000",
"db": "NVD",
"id": "CVE-2018-19069"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-146"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 Device and Opticam i5 Vulnerabilities related to the use of hard-coded credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011653"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-146"
}
],
"trust": 0.6
}
}
VAR-201811-0734
Vulnerability from variot - Updated: 2024-11-23 21:52An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow attackers to execute arbitrary OS commands via shell metacharacters in the modelName, by leveraging /mnt/mtd/app/config/ProductConfig.xml write access. Foscam C2 Device and Opticam i5 The device includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Foscam C2 and Opticam i5 are both IP camera products of China Foscam
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0734",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i5 application",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "2.21.1.128"
},
{
"model": "i5 system",
"scope": "eq",
"trust": 2.4,
"vendor": "opticam",
"version": "1.5.2.11"
},
{
"model": "c2 application",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 system",
"scope": "eq",
"trust": 1.8,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "c2 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.72.1.32"
},
{
"model": "c2 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.11.1.8"
},
{
"model": "opticam i5 devices with application",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "2.21.1.128"
},
{
"model": "opticam i5 devices with system",
"scope": "eq",
"trust": 0.6,
"vendor": "foscam",
"version": "1.5.2.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04045"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011688"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-150"
},
{
"db": "NVD",
"id": "CVE-2018-19073"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:foscam:c2_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:foscam:c2_system_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_application_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:opticam:i5_system_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011688"
}
]
},
"cve": "CVE-2018-19073",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2018-19073",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2019-04045",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-129696",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2018-19073",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19073",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-19073",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-04045",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-150",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-129696",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04045"
},
{
"db": "VULHUB",
"id": "VHN-129696"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011688"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-150"
},
{
"db": "NVD",
"id": "CVE-2018-19073"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow attackers to execute arbitrary OS commands via shell metacharacters in the modelName, by leveraging /mnt/mtd/app/config/ProductConfig.xml write access. Foscam C2 Device and Opticam i5 The device includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Foscam C2 and Opticam i5 are both IP camera products of China Foscam",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19073"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011688"
},
{
"db": "CNVD",
"id": "CNVD-2019-04045"
},
{
"db": "VULHUB",
"id": "VHN-129696"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19073",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011688",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-150",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04045",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129696",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04045"
},
{
"db": "VULHUB",
"id": "VHN-129696"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011688"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-150"
},
{
"db": "NVD",
"id": "CVE-2018-19073"
}
]
},
"id": "VAR-201811-0734",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04045"
},
{
"db": "VULHUB",
"id": "VHN-129696"
}
],
"trust": 1.66666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04045"
}
]
},
"last_update_date": "2024-11-23T21:52:39.246000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "C2",
"trust": 0.8,
"url": "https://www.foscam.com/C2.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011688"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129696"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011688"
},
{
"db": "NVD",
"id": "CVE-2018-19073"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19073"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19073"
},
{
"trust": 0.8,
"url": "https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04045"
},
{
"db": "VULHUB",
"id": "VHN-129696"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011688"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-150"
},
{
"db": "NVD",
"id": "CVE-2018-19073"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04045"
},
{
"db": "VULHUB",
"id": "VHN-129696"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011688"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-150"
},
{
"db": "NVD",
"id": "CVE-2018-19073"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04045"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-129696"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011688"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-150"
},
{
"date": "2018-11-07T18:29:03.930000",
"db": "NVD",
"id": "CVE-2018-19073"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04045"
},
{
"date": "2018-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-129696"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011688"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-150"
},
{
"date": "2024-11-21T03:57:16.820000",
"db": "NVD",
"id": "CVE-2018-19073"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-150"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam C2 and Opticam i5 Operating System Command Injection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04045"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-150"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-150"
}
],
"trust": 0.6
}
}