A vulnerability was found in Foscam C1 Indoor HD Camera 2.52.2.43 (Network Camera Software). It has been rated as critical. This issue affects some unknown processing of the component Multi-Camera Interface. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to declare the problem leads to CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data.

The bug was discovered 11/13/2017. The weakness was published 09/19/2018 (Website). It is possible to read the advisory at talosintelligence.com. The identification of this vulnerability is CVE-2017-2876 since 11/30/2016. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. The technical details are unknown and an exploit is not publicly available.

The vulnerability was handled as a non-public zero-day exploit for at least 310 days. During that time the estimated underground price was around $0-$5k.

Addressing this vulnerability is possible by firewalling 10000.

Similar entries are available at 124238, 124237, 124236 and 124234.

Productinfo

Type

• Network Camera Software

Vendor

• Foscam

Name

• C1 Indoor HD Camera

Version

• 2.52.2.43

License

• commercial

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion