ID
VAR-201811-0737
CVE
CVE-2018-19076
TITLE
Foscam C2 Device and Opticam i5 Authentication vulnerabilities in devices
Trust: 0.8
DESCRIPTION
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP and RTSP services make it easier for attackers to conduct brute-force authentication attacks, because failed-authentication limits apply only to HTTP (not FTP or RTSP). Foscam C2 Device and Opticam i5 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Foscam C2 and Opticami 5 are network camera products from China Foscom (FOSCAM). A violent authentication attack vulnerability exists in the FoscamC2 and Opticami5 devices, which can be exploited by remote attackers to enforce brute force attacks. Security vulnerabilities exist in Foscam C2 and Opticam i5 devices
Trust: 2.25
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | foscam | model: | c2 system | scope: | eq | version: | 1.11.1.8 | Trust: 2.4 |
| vendor: | foscam | model: | c2 application | scope: | eq | version: | 2.72.1.32 | Trust: 1.8 |
| vendor: | opticam | model: | i5 application | scope: | eq | version: | 2.21.1.128 | Trust: 1.8 |
| vendor: | opticam | model: | i5 system | scope: | eq | version: | 1.5.2.11 | Trust: 1.8 |
| vendor: | foscam | model: | c2 devices with system | scope: | eq | version: | 1.11.1.8 | Trust: 0.6 |
| vendor: | foscam | model: | c2 devices with application | scope: | eq | version: | 2.72.1.32 | Trust: 0.6 |
| vendor: | foscam | model: | opticam i5 devices with system | scope: | eq | version: | 1.5.2.11 | Trust: 0.6 |
| vendor: | foscam | model: | opticam i5 devices with application | scope: | eq | version: | 2.21.1.128 | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-287 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
authorization issue
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | C2 | url: | https://www.foscam.com/C2.html | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2018-19076 | Trust: 3.1 |
| db: | JVNDB | id: | JVNDB-2018-011672 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201811-153 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2019-04042 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-129699 | Trust: 0.1 |
REFERENCES
| url: | https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt | Trust: 2.5 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2018-19076 | Trust: 1.4 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19076 | Trust: 0.8 |
| url: | https://www.verkkokauppa.com/fi/product/52328/fcqxq/opticam-i5-hd-ip-kamera | Trust: 0.8 |
SOURCES
| db: | CNVD | id: | CNVD-2019-04042 |
| db: | VULHUB | id: | VHN-129699 |
| db: | JVNDB | id: | JVNDB-2018-011672 |
| db: | CNNVD | id: | CNNVD-201811-153 |
| db: | NVD | id: | CVE-2018-19076 |
LAST UPDATE DATE
2024-11-23T23:11:58.160000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2019-04042 | date: | 2019-02-13T00:00:00 |
| db: | VULHUB | id: | VHN-129699 | date: | 2018-12-11T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-011672 | date: | 2019-01-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-201811-153 | date: | 2018-11-08T00:00:00 |
| db: | NVD | id: | CVE-2018-19076 | date: | 2024-11-21T03:57:17.287 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2019-04042 | date: | 2019-02-13T00:00:00 |
| db: | VULHUB | id: | VHN-129699 | date: | 2018-11-07T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-011672 | date: | 2019-01-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-201811-153 | date: | 2018-11-08T00:00:00 |
| db: | NVD | id: | CVE-2018-19076 | date: | 2018-11-07T18:29:05.070 |