CVE-2017-2877

Summary

A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication.

Affected Software

VendorProductVersion RangeStatus
FoscamFoscam C1 Indoor HD CameraFoscam Indoor IP Camera C1 Series,System Firmware Version: 1.9.3.18,Application Firmware Version: 2.52.2.43,Plug-In Version: 3.3.0.26affected

Weaknesses

  • Missing Report of Error Condition

ADP Enrichment

CVE Program Container

Additional References

References