CVE-2017-2805 - An exploitable stack-based buffer overflow vulnerability exists in the web management interface used

CVE-2017-2805

Summary

An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera. A specially crafted http request can cause a stack-based buffer overflow resulting in overwriting arbitrary data on the stack frame. An attacker can simply send an http request to the device to trigger this vulnerability.

References

Vulnerable Configurations

cpe:2.3:o:foscam:c1_hd_indoor_camera_firmware:1.9.3.17:*:*:*:*:*:*:*
cpe:2.3:o:foscam:c1_hd_indoor_camera_firmware:1.9.3.17:*:*:*:*:*:*:*
cpe:2.3:h:foscam:c1_hd_indoor_camera:-:*:*:*:*:*:*:*
cpe:2.3:h:foscam:c1_hd_indoor_camera:-:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 27-01-2023 - 19:34)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	99190
misc	https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0299

Last major update

27-01-2023 - 19:34

Published

21-06-2017 - 13:29

Last modified

27-01-2023 - 19:34