CVE-2017-2857: Buffer Overflow
First published: Mon Sep 17 2018(Updated: )
An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Foscam C1 Firmware | =2.52.2.43 | |
| Foscam C1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-2857?
The severity of CVE-2017-2857 is critical with a CVSS score of 8.1.
What is the affected software of CVE-2017-2857?
The affected software of CVE-2017-2857 is Foscam C1 Firmware version 2.52.2.43.
How does the vulnerability in CVE-2017-2857 occur?
The vulnerability in CVE-2017-2857 occurs due to a buffer overflow in the DDNS client used by the Foscam C1 Indoor HD Camera.
Can an attacker fully compromise the device affected by CVE-2017-2857?
Yes, an attacker who is able to intercept HTTP connections can fully compromise the device affected by CVE-2017-2857.
Is the Foscam C1 camera itself vulnerable to CVE-2017-2857?
No, the Foscam C1 camera itself is not vulnerable to CVE-2017-2857.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/type
- agent/tags
- agent/event
- agent/author
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/foscam
- canonical/foscam c1 firmware
- version/foscam c1 firmware/2.52.2.43
- canonical/foscam c1