VYPR

C1

by Foscam

CVEs (7)

  • CVE-2016-8731CriJun 21, 2017
    risk 0.64cvss 9.8epss 0.03

    Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device.

  • CVE-2017-7648HigApr 10, 2017
    risk 0.53cvss 8.1epss 0.02

    Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.

  • CVE-2019-9120Mar 7, 2019
    risk 0.01cvss epss 0.06

    An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary…

  • CVE-2019-9117Mar 7, 2019
    risk 0.01cvss epss 0.06

    An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary…

  • CVE-2019-9118Mar 7, 2019
    risk 0.01cvss epss 0.06

    An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary…

  • CVE-2025-57636Sep 23, 2025
    risk 0.00cvss epss 0.01

    OS Command injection vulnerability in D-Link C1 2020-02-21. The sub_47F028 function in jhttpd contains a command injection vulnerability via the HTTP parameter "time".

  • CVE-2019-9121Mar 7, 2019
    risk 0.00cvss epss 0.04

    An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary…