CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-2845

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SMTP configuration tests resulting in command execution

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.2%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

http://www.securityfocus.com/bid/99184
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0347
http://www.securityfocus.com/bid/99184
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0347

Products affected by CVE-2017-2845

Foscam » C1 Indoor Hd Camera » Version: N/A

cpe:2.3:h:foscam:c1_indoor_hd_camera:-
Foscam » C1 Indoor Hd Camera Firmware » Version: 2.52.2.37

cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-2845

Products

Pricing

Contact Us