Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

C2 System Firmware Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2018-19063

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password.

9.8CVSS

9.4AI Score

0.007EPSS

2018-11-07 06:29 PM
24
cve
cve

CVE-2018-19064

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ftpuser1 account has a blank password, which cannot be changed.

9.8CVSS

9.4AI Score

0.007EPSS

2018-11-07 06:29 PM
27
cve
cve

CVE-2018-19067

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~ account.

9.8CVSS

9.5AI Score

0.007EPSS

2018-11-07 06:29 PM
26
cve
cve

CVE-2018-19069

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user with a password of t...

9.8CVSS

9.5AI Score

0.007EPSS

2018-11-07 06:29 PM
25
cve
cve

CVE-2018-19076

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP and RTSP services make it easier for attackers to conduct brute-force authentication attac...

9.8CVSS

9.5AI Score

0.007EPSS

2018-11-07 06:29 PM
33
cve
cve

CVE-2018-19078

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password.

9.8CVSS

9.3AI Score

0.008EPSS

2018-11-07 06:29 PM
26
cve
cve

CVE-2018-19081

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands via the IPv4Address field.

9.8CVSS

9.8AI Score

0.019EPSS

2018-11-07 06:29 PM
22
cve
cve

CVE-2018-19082

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field.

9.8CVSS

9.6AI Score

0.011EPSS

2018-11-07 06:29 PM
31