CVE-2017-2856

An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:foscam:c1_firmware:2.52.2.43:*:*:*:*:*:*:*
cpe:2.3:h:foscam:c1:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:24

Type Values Removed Values Added
References () https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0359 - Exploit, Third Party Advisory () https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0359 - Exploit, Third Party Advisory

Information

Published : 2018-09-17 20:29

Updated : 2024-11-21 03:24


NVD link : CVE-2017-2856

Mitre link : CVE-2017-2856

CVE.ORG link : CVE-2017-2856


JSON object : View

Products Affected

foscam

  • c1_firmware
  • c1
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')