Medium severity6.5NVD Advisory· Published Jun 21, 2017· Updated May 13, 2026

CVE-2017-2829

Description

An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause the application to read a file from disk but a failure to adequately filter characters results in allowing an attacker to specify a file outside of a directory. An attacker can simply send an HTTP request to the device to trigger this vulnerability.

Affected products

Foscam/C1 Indoor Hd Camera Firmware
cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37:*:*:*:*:*:*:*
Foscam/Indoor IP Camera C1 Seriesv5
Range: n/a

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.talosintelligence.com/vulnerability_reports/TALOS-2017-0330nvdExploitThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/99250nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000