Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foscam vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2017-2855
An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by...
Foscam C1 Firmware 2.52.2.43
NA
CVE-2013-5215
Cross-site scripting (XSS) vulnerability in the web interface "WiFi scan" option in FOSCAM Wireless IP Cameras allows remote malicious users to inject arbitrary web script or HTML via the SSID.
Foscam Wireless Ip Camera -
9.8
CVSSv3
CVE-2021-43517
FOSCAM Camera FI9805E with firmware V4.02.R12.00018510.10012.143900.00000 contains a backdoor that opens Telnet port when special command is sent on port 9530.
Foscam Fi9805e Firmware 4.02.r12.00018510.10012.143900.00000
NA
CVE-2014-1849
Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote malicious users to spoof or hijack arbitrary cameras and conduct other attacks by modifying arbitrary camera...
Foscam Ip Camera Firmware 11.37.2.49
1 EDB exploit
NA
CVE-2012-3002
The web interface on (1) Foscam and (2) Wansview IP cameras allows remote malicious users to bypass authentication, and perform administrative functions or read the admin password, via a direct request to an unspecified URL.
Foscam H.264 Hi3510\\/11\\/12 Ip Camera -
Wansview H.264 Hi3510\\/11\\/12 Ip Camera -
NA
CVE-2013-25743
Core Security Technologies Advisory - Due to improper access restrictions, the FOSCAM FI8620 device allows a remote attacker the ability to browse and access arbitrary files from the directories '/tmpfs/' and '/log/' without requiring authentication. This coul...
6.8
CVSSv3
CVE-2020-28096
FOSCAM FHD X1 1.14.2.4 devices allow attackers (with physical UART access) to login via the ipc.fos~ password.
Foscammall Foscam X1 Firmware 1.14.2.4
1 Github repository
9.8
CVSSv3
CVE-2017-5674
A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models allows an malicious user to craft a malformed HTTP ("GET system.ini HTTP/1.1\n\n" - note the lack of "/" in the path field of the request) ...
Embedthis Goahead -
1 Github repository
8.8
CVSSv3
CVE-2017-5675
A command-injection vulnerability exists in a web application on a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models. The mail-sending form in the mail.htm page allows an malicious user to inject a command into the receiver1 field...
Embedthis Goahead -
9.8
CVSSv3
CVE-2019-11560
A buffer overflow vulnerability in the streaming server provided by hisilicon in HI3516 models allows an unauthenticated malicious user to remotely run arbitrary code by sending a special RTSP over HTTP packet. The vulnerability was found in many cameras using hisilicon's ha...
Hisilicon Hi3516 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7