ID CVE-2018-19068
Summary An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials.
References
Vulnerable Configurations
  • cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128
    cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128
  • cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11
    cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11
  • cpe:2.3:h:opticam:i5
    cpe:2.3:h:opticam:i5
  • cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32
    cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32
  • cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8
    cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8
  • cpe:2.3:h:foscam:c2
    cpe:2.3:h:foscam:c2
CVSS
Base: 4.0
Impact:
Exploitability:
CWE CWE-254
CAPEC
refmap via4
misc https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt
Last major update 07-11-2018 - 13:29
Published 07-11-2018 - 13:29
Last modified 13-12-2018 - 10:47
Back to Top