Vendor CVEs
Foscam
All CVEs
66 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-19080 | 0.00 | — | 0.01 | Nov 7, 2018 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS. | |||
| CVE-2018-19079 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot. | |||
| CVE-2018-19076 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP and RTSP services make it easier for attackers to conduct brute-force… | |||
| CVE-2018-19069 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user… | |||
| CVE-2018-19063 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password. | |||
| CVE-2018-19075 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall feature makes it easier for remote attackers to ascertain… | |||
| CVE-2018-19066 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift*… | |||
| CVE-2018-19074 | 0.00 | — | 0.01 | Nov 7, 2018 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall has no effect except for blocking port 443 and partially blocking… | |||
| CVE-2018-19077 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. RtspServer allows remote attackers to cause a denial of service (daemon hang or restart) via a negative integer in the RTSP Content-Length header. | |||
| CVE-2018-19071 | 0.00 | — | 0.00 | Nov 7, 2018 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the… | |||
| CVE-2018-19073 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow attackers to execute arbitrary OS commands via shell metacharacters… | |||
| CVE-2018-19078 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password. | |||
| CVE-2018-19082 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field. | |||
| CVE-2014-1911 | 0.00 | — | 0.01 | Mar 6, 2014 | The Foscam FI8910W camera with firmware before 11.37.2.55 allows remote attackers to obtain sensitive video and image data via a blank username and password. | |||
| CVE-2013-5215 | 0.00 | — | 0.02 | Nov 20, 2013 | Cross-site scripting (XSS) vulnerability in the web interface "WiFi scan" option in FOSCAM Wireless IP Cameras allows remote attackers to inject arbitrary web script or HTML via the SSID. | |||
| CVE-2012-3002 | 0.00 | — | 0.04 | Dec 21, 2012 | The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authentication, and perform administrative functions or read the admin password, via a direct request to an unspecified URL. |
- CVE-2018-19080Nov 7, 2018risk 0.00cvss —epss 0.01
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS.
- CVE-2018-19079Nov 7, 2018risk 0.00cvss —epss 0.02
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot.
- CVE-2018-19076Nov 7, 2018risk 0.00cvss —epss 0.02
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP and RTSP services make it easier for attackers to conduct brute-force…
- CVE-2018-19069Nov 7, 2018risk 0.00cvss —epss 0.02
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user…
- CVE-2018-19063Nov 7, 2018risk 0.00cvss —epss 0.02
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password.
- CVE-2018-19075Nov 7, 2018risk 0.00cvss —epss 0.02
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall feature makes it easier for remote attackers to ascertain…
- CVE-2018-19066Nov 7, 2018risk 0.00cvss —epss 0.02
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift*…
- CVE-2018-19074Nov 7, 2018risk 0.00cvss —epss 0.01
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall has no effect except for blocking port 443 and partially blocking…
- CVE-2018-19077Nov 7, 2018risk 0.00cvss —epss 0.02
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. RtspServer allows remote attackers to cause a denial of service (daemon hang or restart) via a negative integer in the RTSP Content-Length header.
- CVE-2018-19071Nov 7, 2018risk 0.00cvss —epss 0.00
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the…
- CVE-2018-19073Nov 7, 2018risk 0.00cvss —epss 0.02
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow attackers to execute arbitrary OS commands via shell metacharacters…
- CVE-2018-19078Nov 7, 2018risk 0.00cvss —epss 0.02
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password.
- CVE-2018-19082Nov 7, 2018risk 0.00cvss —epss 0.02
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field.
- CVE-2014-1911Mar 6, 2014risk 0.00cvss —epss 0.01
The Foscam FI8910W camera with firmware before 11.37.2.55 allows remote attackers to obtain sensitive video and image data via a blank username and password.
- CVE-2013-5215Nov 20, 2013risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in the web interface "WiFi scan" option in FOSCAM Wireless IP Cameras allows remote attackers to inject arbitrary web script or HTML via the SSID.
- CVE-2012-3002Dec 21, 2012risk 0.00cvss —epss 0.04
The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authentication, and perform administrative functions or read the admin password, via a direct request to an unspecified URL.
Page 2 of 2