CVE-2017-2854: Buffer Overflow
First published: Mon Sep 17 2018(Updated: )
An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Foscam C1 Firmware | =2.52.2.43 | |
| Foscam C1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2017-2854?
CVE-2017-2854 is a buffer overflow vulnerability in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43.
How severe is CVE-2017-2854?
CVE-2017-2854 has a severity rating of 8.1, which is considered critical.
How does CVE-2017-2854 affect Foscam C1 Indoor HD Camera?
CVE-2017-2854 allows an attacker to fully compromise the device by creating a rogue HTTP connection, on devices with DDNS enabled.
Is Foscam C1 vulnerable to CVE-2017-2854?
No, Foscam C1 cameras are not vulnerable to CVE-2017-2854.
How can I fix CVE-2017-2854?
To fix CVE-2017-2854, it is recommended to update the Foscam C1 Indoor HD Camera firmware to a version that addresses the vulnerability.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/foscam
- canonical/foscam c1 firmware
- version/foscam c1 firmware/2.52.2.43
- canonical/foscam c1