CVE-2020-36874

ACE SECURITY WIP-90113 HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup may...

CVE-2018-12669

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi...

Vulnerability Spotlight: Multiple Vulnerabilities in Foscam C1 Indoor HD Cameras

These vulnerabilities were discovered by Claudio Bozzato of Cisco Talos.Executive SummaryThe Foscam C1 Indoor HD Camera is a network-based camera that is marketed for use in a variety of applications, including use as a home security monitoring device. Talos recently identified several...

Buffer overflow

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can cause a buffer overflow...

CVE-2017-2851

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can cause a buffer overflow...

CVE-2017-2844

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. An attacker can simply send an HTTP request to the...

CVE-2017-2847

CVE-2017-2847 affects Foscam C1 Indoor HD Cameras via the web management CGIProxy.fcgi service. The vulnerability allows command injection through the CGIProxy setIpInfo path when configuring network settings. An attacker with an administrator account can supply crafted input in the DNS1 paramete...