Описание
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password change resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
Ссылки
- Broken Link
- ExploitThird Party Advisory
- Broken Link
- ExploitThird Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
8.8 High
CVSS3
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
Связанные уязвимости
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password change resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
EPSS
8.8 High
CVSS3
7.2 High
CVSS3
9 Critical
CVSS2