Описание
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SMTP configuration tests resulting in command execution
Ссылки
- Broken Link
- Technical DescriptionThird Party AdvisoryVDB Entry
- Broken Link
- Technical DescriptionThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37:*:*:*:*:*:*:*
cpe:2.3:h:foscam:c1_indoor_hd_camera:-:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.0123
Низкий
8.8 High
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SMTP configuration tests resulting in command execution
EPSS
Процентиль: 79%
0.0123
Низкий
8.8 High
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-78