CVE-2017-2856 HIGH

CVE-2017-2856

Vendor Foscam
Product Foscam Indoor IP Camera C1 Series
Published September 17, 2018
Last update September 16, 2024

CVSS base score

8.1/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server.

Key dates

02Disclosure timeline

September 17, 2018 CVE published
September 16, 2024 Record updated