Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/99193 | Broken Link Third Party Advisory VDB Entry |
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245 | Third Party Advisory |
http://www.securityfocus.com/bid/99193 | Broken Link Third Party Advisory VDB Entry |
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 02:59
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/99193 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245 - Third Party Advisory |
Information
Published : 2017-06-21 19:29
Updated : 2024-11-21 02:59
NVD link : CVE-2016-8731
Mitre link : CVE-2016-8731
CVE.ORG link : CVE-2016-8731
JSON object : View
Products Affected
foscam
- c1_webcam
- c1_webcam_firmware
CWE
CWE-798
Use of Hard-coded Credentials