CVE-2017-2856: Buffer Overflow
First published: Mon Sep 17 2018(Updated: )
An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Foscam C1 Firmware | =2.52.2.43 | |
| Foscam C1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2017-2856 vulnerability?
The CVE-2017-2856 vulnerability is an exploitable buffer overflow vulnerability affecting the DDNS client used by the Foscam C1 Indoor HD Camera firmware 2.52.2.43.
How severe is CVE-2017-2856 vulnerability?
The severity of CVE-2017-2856 vulnerability is critical with a CVSS score of 8.1.
What software is affected by CVE-2017-2856 vulnerability?
The Foscam C1 Firmware version 2.52.2.43 is affected by the CVE-2017-2856 vulnerability.
How can an attacker exploit CVE-2017-2856 vulnerability?
An attacker intercepting HTTP connections on devices with DDNS enabled can fully compromise the Foscam C1 camera by creating a rogue HTTP request.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- vendor/foscam
- canonical/foscam c1 firmware
- version/foscam c1 firmware/2.52.2.43
- canonical/foscam c1