CVE-2016-8731

Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device.
References
Link Resource
http://www.securityfocus.com/bid/99193 Broken Link Third Party Advisory VDB Entry
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245 Third Party Advisory
http://www.securityfocus.com/bid/99193 Broken Link Third Party Advisory VDB Entry
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:foscam:c1_webcam_firmware:1.9.1.12:*:*:*:*:*:*:*
cpe:2.3:h:foscam:c1_webcam:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:59

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/99193 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/99193 - Broken Link, Third Party Advisory, VDB Entry
References () https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245 - Third Party Advisory () https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245 - Third Party Advisory

Information

Published : 2017-06-21 19:29

Updated : 2024-11-21 02:59


NVD link : CVE-2016-8731

Mitre link : CVE-2016-8731

CVE.ORG link : CVE-2016-8731


JSON object : View

Products Affected

foscam

  • c1_webcam
  • c1_webcam_firmware
CWE
CWE-798

Use of Hard-coded Credentials