Vulnerability-Lookup

CNVD-2017-16320

Vulnerability from cnvd - Published: 2017-07-24

Title

Foscam C1硬编码凭据认证绕过漏洞

Description

Foscam C1是中国福斯康姆（FOSCAM）公司的无线IP摄像机产品。使用1.9.1.12版本固件的Foscam C1存在安全漏洞。远程攻击者可利用该漏洞访问没有阻断50021端口的摄像机。

Severity

高

Patch Name

Foscam C1硬编码凭据认证绕过漏洞的补丁

Patch Description

Foscam C1是中国福斯康姆（FOSCAM）公司的无线IP摄像机产品。使用1.9.1.12版本固件的Foscam C1存在安全漏洞。远程攻击者可利用该漏洞访问没有阻断50021端口的摄像机。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245

Reference

https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245

Impacted products

Name
Foscam C1 Webcam 1.9.1.12

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "99193"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-8731"
    }
  },
  "description": "Foscam C1\u662f\u4e2d\u56fd\u798f\u65af\u5eb7\u59c6\uff08FOSCAM\uff09\u516c\u53f8\u7684\u65e0\u7ebfIP\u6444\u50cf\u673a\u4ea7\u54c1\u3002\r\n \r\n\u4f7f\u75281.9.1.12\u7248\u672c\u56fa\u4ef6\u7684Foscam C1\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u6ca1\u6709\u963b\u65ad50021\u7aef\u53e3\u7684\u6444\u50cf\u673a\u3002",
  "discovererName": "Richard Harman and Dave McDaniel of Cisco Talos",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-16320",
  "openTime": "2017-07-24",
  "patchDescription": "Foscam C1\u662f\u4e2d\u56fd\u798f\u65af\u5eb7\u59c6\uff08FOSCAM\uff09\u516c\u53f8\u7684\u65e0\u7ebfIP\u6444\u50cf\u673a\u4ea7\u54c1\u3002\r\n \r\n\u4f7f\u75281.9.1.12\u7248\u672c\u56fa\u4ef6\u7684Foscam C1\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u6ca1\u6709\u963b\u65ad50021\u7aef\u53e3\u7684\u6444\u50cf\u673a\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Foscam C1\u786c\u7f16\u7801\u51ed\u636e\u8ba4\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Foscam C1 Webcam 1.9.1.12"
  },
  "referenceLink": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245",
  "serverity": "\u9ad8",
  "submitTime": "2017-06-22",
  "title": "Foscam C1\u786c\u7f16\u7801\u51ed\u636e\u8ba4\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2016-8731 (GCVE-0-2016-8731)

Vulnerability from cvelistv5 – Published: 2017-06-21 19:00 – Updated: 2024-08-06 02:27

Summary

Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

password vulnerability

Assigner

talos

References

URL

Tags

	http://www.securityfocus.com/bid/99193	vdb-entryx_refsource_BID
	https://www.talosintelligence.com/vulnerability_r…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Foscan	Foscam C1 Webcam	Affected: Firmware Version 1.9.1.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:41.251Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99193",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99193"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Foscam C1 Webcam",
          "vendor": "Foscan",
          "versions": [
            {
              "status": "affected",
              "version": "Firmware Version 1.9.1.12"
            }
          ]
        }
      ],
      "datePublic": "2017-06-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "password vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T19:17:06",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "99193",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99193"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "ID": "CVE-2016-8731",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Foscam C1 Webcam",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Firmware Version 1.9.1.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Foscan"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "password vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99193",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99193"
            },
            {
              "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245",
              "refsource": "MISC",
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2016-8731",
    "datePublished": "2017-06-21T19:00:00",
    "dateReserved": "2016-10-17T00:00:00",
    "dateUpdated": "2024-08-06T02:27:41.251Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-16320

CVE-2016-8731 (GCVE-0-2016-8731)

Tags

Sightings

Nomenclature