Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveTalosCVE-2016-8731
HistoryJun 21, 2017 - 7:29 p.m.

CVE-2016-8731

2017-06-2119:29:00
CWE-798
talos
web.nvd.nist.gov
42
foscam c1
firmware
ftp
credentials
hard-coded
vulnerability
cve-2016-8731

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.002

Percentile

56.8%

JSON

Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device.

Affected configurations

Nvd
Vulners
Node
foscamc1_webcam_firmwareMatch1.9.1.12
AND
foscamc1_webcamMatch-
VendorProductVersionCPE
foscamc1_webcam_firmware1.9.1.12cpe:2.3:o:foscam:c1_webcam_firmware:1.9.1.12:*:*:*:*:*:*:*
foscamc1_webcam-cpe:2.3:h:foscam:c1_webcam:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Foscam C1 Webcam",
    "vendor": "Foscan",
    "versions": [
      {
        "status": "affected",
        "version": "Firmware Version 1.9.1.12"
      }
    ]
  }
]

Related

nessus 3
cvelist 1
nvd 1
prion 1
seebug 1
talos 1
openvas 1
talosblog 1
nessus
nessus
Foscam C1 Hardcoded FTP Credentials (CVE-2016-8731)
2017-06-26 00:00:00
Foscam C1 Hardcoded FTP Credentials (CVE-2016-8731)
2017-06-26 00:00:00
Foscam C1 IP Camera FTP Hard Coded Password
2017-07-14 00:00:00
cvelist
cvelist
CVE-2016-8731
2017-06-21 19:00:00
nvd
nvd
CVE-2016-8731
2017-06-21 19:29:00
prion
prion
Hardcoded credentials
2017-06-21 19:29:00
seebug
seebug
Foscam C1 Webcam FTP Hard Coded Password Vulnerability(CVE-2016-8731)
2017-09-15 00:00:00
talos
talos
Foscam C1 Webcam FTP Hard Coded Password Vulnerability
2017-06-19 00:00:00
openvas
openvas
FTP Brute Force Logins Reporting
2020-03-05 00:00:00
talosblog
talosblog
Vulnerability Spotlight: Multiple Foscam C1 Vulnerabilities Come in to Focus
2017-06-19 08:45:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.002

Percentile

56.8%

JSON
Related for CVE-2016-8731
nessus3cvelist1nvd1prion1seebug1talos1openvas1talosblog1