Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foscam vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-19065
An issue exists on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded BpP+2R9*Q password in...
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 Application Firmware 2.72.1.32
Foscam C2 System Firmware 1.11.1.8
9.8
CVSSv3
CVE-2018-19067
An issue exists on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~ account.
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 System Firmware 1.11.1.8
Foscam C2 Application Firmware 2.72.1.32
9.8
CVSSv3
CVE-2018-19081
An issue exists on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote malicious users to execute arbitrary OS commands via the IPv4Address field.
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 Application Firmware 2.72.1.32
Foscam C2 System Firmware 1.11.1.8
9.8
CVSSv3
CVE-2018-19063
An issue exists on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password.
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 System Firmware 1.11.1.8
Foscam C2 Application Firmware 2.72.1.32
7.5
CVSSv3
CVE-2018-19074
An issue exists on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall has no effect except for blocking port 443 and partially blocking port 88.
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 System Firmware 1.11.1.8
Foscam C2 Application Firmware 2.72.1.32
6.1
CVSSv3
CVE-2018-19080
An issue exists on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS.
Opticam I5 Application Firmware 2.21.1.128
Opticam I5 System Firmware 1.5.2.11
Foscam C2 Application Firmware 2.72.1.32
Foscam C2 System Firmware 1.11.1.8
9.8
CVSSv3
CVE-2017-2805
An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera. A specially crafted http request can cause a stack-based buffer overflow resulting in overwriting arbitrary data on the stack frame. An attacker...
Foscam C1 Hd Indoor Camera Firmware
NA
CVE-2013-2560
Directory traversal vulnerability in the web interface on Foscam devices with firmware prior to 11.37.2.49 allows remote malicious users to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials.
Foscam Fi8919w
1 EDB exploit
1 Github repository
7.5
CVSSv3
CVE-2013-2574
An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information.
Foscam Fi8620 Firmware -
1 EDB exploit
8.8
CVSSv3
CVE-2017-2827
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during account creation ...
Foscam C1 Indoor Hd Camera Firmware 2.52.2.37
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »