Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
References
Link | Resource |
---|---|
http://www.securityfocus.com/archive/1/540388/30/0/threaded | Third Party Advisory VDB Entry |
http://www.securityfocus.com/archive/1/540388/30/0/threaded | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:32
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/archive/1/540388/30/0/threaded - Third Party Advisory, VDB Entry |
Information
Published : 2017-04-10 19:59
Updated : 2024-11-21 03:32
NVD link : CVE-2017-7648
Mitre link : CVE-2017-7648
CVE.ORG link : CVE-2017-7648
JSON object : View
Products Affected
foscam
- fi9851p
- fi9853ep
- c2
- fi9903p
- fi9928p
- r2
- fi9828p
- fi9826p
- c1
- fi9800xe
- c1_lite
- fi9901ep
CWE
CWE-798
Use of Hard-coded Credentials