Lucene search

K
cve[email protected]CVE-2017-2873
HistorySep 19, 2018 - 6:29 p.m.

CVE-2017-2873

2018-09-1918:29:00
CWE-78
web.nvd.nist.gov
41
cve-2017-2873
command injection
vulnerability
foscam c1
web management interface
nvd

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SoftAP configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.

Affected configurations

Vulners
NVD
Node
foscamc1_hd_indoor_cameraRangeFoscam Indoor IP Camera C1 Series
VendorProductVersionCPE
foscamc1_hd_indoor_camera*cpe:2.3:h:foscam:c1_hd_indoor_camera:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Foscam C1 Indoor HD Camera",
    "vendor": "Foscam",
    "versions": [
      {
        "status": "affected",
        "version": "Foscam Indoor IP Camera C1 Series"
      }
    ]
  }
]

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%