Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foscam vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-19066
An issue exists on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift* password in so...
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 System Firmware 1.11.1.8
Foscam C2 Application Firmware 2.72.1.32
4
CVSSv2
CVE-2018-19068
An issue exists on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials.
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 Application Firmware 2.72.1.32
Foscam C2 System Firmware 1.11.1.8
5
CVSSv2
CVE-2018-19078
An issue exists on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password.
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 System Firmware 1.11.1.8
Foscam C2 Application Firmware 2.72.1.32
4.3
CVSSv2
CVE-2018-19080
An issue exists on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS.
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 Application Firmware 2.72.1.32
Foscam C2 System Firmware 1.11.1.8
10
CVSSv2
CVE-2018-19081
An issue exists on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote malicious users to execute arbitrary OS commands via the IPv4Address field.
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 Application Firmware 2.72.1.32
Foscam C2 System Firmware 1.11.1.8
7.5
CVSSv2
CVE-2018-19082
An issue exists on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote malicious users to conduct stack-based buffer overflow attacks via the IPv4Address field.
Opticam I5 System Firmware 1.5.2.11
Opticam I5 Application Firmware 2.21.1.128
Foscam C2 Application Firmware 2.72.1.32
Foscam C2 System Firmware 1.11.1.8
7.8
CVSSv2
CVE-2013-2560
Directory traversal vulnerability in the web interface on Foscam devices with firmware prior to 11.37.2.49 allows remote malicious users to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials.
Foscam Fi8919w
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2013-2574
An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information.
Foscam Fi8620 Firmware -
1 EDB exploit
7.5
CVSSv2
CVE-2017-2805
An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera. A specially crafted http request can cause a stack-based buffer overflow resulting in overwriting arbitrary data on the stack frame. An attacker...
Foscam C1 Hd Indoor Camera Firmware
4
CVSSv2
CVE-2017-2829
An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause the application to read a file from disk but a failure to adequately f...
Foscam C1 Indoor Hd Camera Firmware 2.52.2.37
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »