CVE-2017-2844

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.

CVSS v3 8.8 HIGH
CVSS v2.0 6.5 MEDIUM

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.5^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/99184	Broken Link
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0346	Technical Description Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37:*:*:*:*:*:*:*

cpe:2.3:h:foscam:c1_indoor_hd_camera:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-06-29 17:29

Updated : 2022-06-07 17:28

NVD link : CVE-2017-2844

Mitre link : CVE-2017-2844

CVE.ORG link : CVE-2017-2844

JSON object : View

Products Affected

foscam

c1_indoor_hd_camera
c1_indoor_hd_camera_firmware

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2017-2844", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2017-06-29T17:29:00.180", "references": [{"url": "http://www.securityfocus.com/bid/99184", "tags": ["Broken Link"], "source": "talos-cna@cisco.com"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0346", "tags": ["Technical Description", "Third Party Advisory", "VDB Entry"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the \"msmtprc\" configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability."}, {"lang": "es", "value": "En la interfaz de gesti\u00f3n web en Foscam C1 Indoor HD Camera que ejecuta el firmware de aplicaci\u00f3n en su versi\u00f3n 2.52.2.37, una petici\u00f3n HTTP especialmente manipulada puede permitir que un usuario inyecte datos arbitrarios en el archivo de configuraci\u00f3n \"msmtprc\", lo que resulta en la ejecuci\u00f3n de comandos. Un atacante puede simplemente enviar una petici\u00f3n HTTP al dispositivo para desencadenar esta vulnerabilidad."}], "lastModified": "2022-06-07T17:28:29.513", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E42CC0A-E8B0-407C-A6B8-079CC10D2271"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:foscam:c1_indoor_hd_camera:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "24F43869-2168-407A-B546-06998CA5D572"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}

8.8 /10