Details of VAR-201703-1388

ID

VAR-201703-1388

TITLE

Wireless IP Camera (P2P) WIFICAM Remote Command Execution Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2017-02775

DESCRIPTION

WirelessIPCamera (P2P) WIFICAM is a wireless IP camera. WirelessIPCamera (P2P) WIFICAM Remote Command Execution Vulnerability. A remote command execution vulnerability exists in the inset_ftp.cgi in the FTP Configuration Common Gateway Interface (CGI). An attacker can use the ftp administrator to perform remote command execution and further gain root privileges on the network device.

Trust: 0.6

sources: CNVD: CNVD-2017-02775

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-02775

AFFECTED PRODUCTS

vendor:

foscam

model:

wireless ip camera wificam

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2017-02775

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2017-02775
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2017-02775
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2017-02775

EXTERNAL IDS

db:

CNVD

id:

CNVD-2017-02775

Trust: 0.6

sources: CNVD: CNVD-2017-02775

REFERENCES

url:	http://seclists.org/bugtraq/2017/mar/32	Trust: 0.6
url:	https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html?from=timeline&isappinstalled=0	Trust: 0.6

sources: CNVD: CNVD-2017-02775

SOURCES

db:

CNVD

id:

CNVD-2017-02775

LAST UPDATE DATE

2022-05-04T10:19:35.865000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2017-02775

date:

2017-03-18T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2017-02775

date:

2017-03-18T00:00:00