Security Advisory

CVE-2017-2841

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-06-27 15:00:00

Last updated 2024-08-05 14:09:16

Assigner talos

State PUBLISHED

Description

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗