Vulnerability Details CVE-2018-19071
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the commands executed at system start-up.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
Products affected by CVE-2018-19071
-
cpe:2.3:h:foscam:c2:-
-
cpe:2.3:h:opticam:i5:-
-
cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32
-
cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8
-
cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128
-
cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11