Sign-up

ID

VAR-201304-0520


TITLE

Multiple Foscam IP Cameras Cross-Site Request Forgery Vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2013-02939

DESCRIPTION

Allows an attacker to build a malicious URI, entice a user to resolve, and perform malicious actions in the target user context. Such as deleting user records, adding users, etc. Foscam IP Cameras is a series of wireless IP camera products from China Foscam. There are multiple cross-site request forgery vulnerabilities in multiple Foscam IP Cameras. A remote attacker could use these vulnerabilities to perform certain unauthorized operations, resulting in further attacks. The following products have vulnerabilities: Foscam FI8910W running Embedded Web Interface version 2.4.10.3, Foscam FI8908W running Embedded Web Interface version 2.4.10.3. This may lead to further attacks

Trust: 1.35

sources: CNVD: CNVD-2013-02939 // CNNVD: CNNVD-201304-160 // BID: 58943

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-02939

AFFECTED PRODUCTS

vendor: - model:foscam intelligent technology limited copyright. foscam fi8910w fi8908wscope:lteversion:<=2.4.10.3

Trust: 0.6

sources: CNVD: CNVD-2013-02939

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2013-02939
value: LOW

Trust: 0.6

CNVD: CNVD-2013-02939
severity: LOW
baseScore: 3.5
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.8
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2013-02939

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201304-160

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-201304-160

EXTERNAL IDS

db:BIDid:58943

Trust: 1.5

db:CNVDid:CNVD-2013-02939

Trust: 0.6

db:CNNVDid:CNNVD-201304-160

Trust: 0.6

sources: CNVD: CNVD-2013-02939 // BID: 58943 // CNNVD: CNNVD-201304-160

REFERENCES

url:http://seclists.org/bugtraq/2013/apr/87

Trust: 0.6

url:http://www.securityfocus.com/bid/58943

Trust: 0.6

url:http://foscam.us/products/foscam-fi8918w-wireless-ip-camera-11.html?gclid=conjnk-f5lucfczfmgodubsadg

Trust: 0.3

url:http://www.foscam.es/descarga/ipcam_cgi_sdk.pdf

Trust: 0.3

sources: CNVD: CNVD-2013-02939 // BID: 58943 // CNNVD: CNNVD-201304-160

CREDITS

shekyan

Trust: 0.9

sources: BID: 58943 // CNNVD: CNNVD-201304-160

SOURCES

db:CNVDid:CNVD-2013-02939
db:BIDid:58943
db:CNNVDid:CNNVD-201304-160

LAST UPDATE DATE

2022-05-17T02:09:06.914000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-02939date:2013-04-17T00:00:00
db:BIDid:58943date:2013-04-09T00:00:00
db:CNNVDid:CNNVD-201304-160date:2013-04-12T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2013-02939date:2013-04-12T00:00:00
db:BIDid:58943date:2013-04-09T00:00:00
db:CNNVDid:CNNVD-201304-160date:2013-04-12T00:00:00