Описание
Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:foscam:c1:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:c1_lite:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:c2:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:fi9800xe:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:fi9826p:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:fi9828p:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:fi9851p:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:fi9853ep:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:fi9901ep:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:fi9903p:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:fi9928p:*:*:*:*:*:*:*:*
cpe:2.3:h:foscam:r2:*:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00621
Низкий
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
EPSS
Процентиль: 70%
0.00621
Низкий
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-798