ID CVE-2018-19078
Summary An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password.
References
Vulnerable Configurations
  • cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128
    cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128
  • cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11
    cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11
  • cpe:2.3:h:opticam:i5
    cpe:2.3:h:opticam:i5
  • cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32
    cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32
  • cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8
    cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8
  • cpe:2.3:h:foscam:c2
    cpe:2.3:h:foscam:c2
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-255
CAPEC
refmap via4
misc https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt
Last major update 07-11-2018 - 13:29
Published 07-11-2018 - 13:29
Last modified 13-12-2018 - 11:27
Back to Top