Skip to main content

C1 Indoor Hd Camera Firmware CVE-2017-2851

HIGH
Classic Buffer Overflow (CWE-120)
2017-06-29 talos-cna@cisco.com
7.2
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 29, 2017 - 17:29 cve.org
HIGH 7.2

DescriptionCVE.org

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can cause a buffer overflow.

AnalysisAI

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can cause a buffer overflow. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can cause a buffer overflow. Affected products include: Foscam C1 Indoor Hd Camera Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.

CVE-2017-2828 HIGH POC
8.8 Jun 21

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Ca

CVE-2017-2827 HIGH POC
8.8 Jun 21

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Ca

CVE-2017-2831 HIGH POC
7.5 Jun 21

An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Came

CVE-2017-2830 HIGH POC
7.5 Jun 21

An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Came

CVE-2017-2829 MEDIUM POC
6.5 Jun 21

An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD

CVE-2017-2848 HIGH
8.8 Jun 29

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted

CVE-2017-2849 HIGH
8.8 Jun 29

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted

CVE-2017-2847 HIGH
8.8 Jun 29

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted

CVE-2017-2846 HIGH
8.8 Jun 29

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted

CVE-2017-2845 HIGH
8.8 Jun 29

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Ca

CVE-2017-2841 HIGH
8.8 Jun 27

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Ca

CVE-2017-2843 HIGH
8.8 Jun 27

In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafte

Share

CVE-2017-2851 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy