CVE-2014-1849

Foscam IP Camera Firmware - Predictable Credential Generation in DynDNS Feature

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-1849. PoCs published by Sergey Shekyan.

AI-analyzed exploit summary This exploit demonstrates a security bypass vulnerability in Foscam IP Camera firmware versions 11.37.2.49 and prior. It crafts UDP payloads to interact with the camera's DDNS service, potentially allowing unauthorized access to sensitive information or actions.

Description

Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote attackers to spoof or hijack arbitrary cameras and conduct other attacks by modifying arbitrary camera records in the Foscam DNS server.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Sergey Shekyan · cremotehardware
https://www.exploit-db.com/exploits/39195

This exploit demonstrates a security bypass vulnerability in Foscam IP Camera firmware versions 11.37.2.49 and prior. It crafts UDP payloads to interact with the camera's DDNS service, potentially allowing unauthorized access to sensitive information or actions.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Foscam IP Camera firmware <= 11.37.2.49
No auth needed
Prerequisites: Network access to the target Foscam IP Camera · Knowledge of the camera's hostname or IP address
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

EPSS 0.2113
EPSS Percentile 95.8%

Details

CWE
CWE-255
Status published
Products (1)
foscam/ip_camera_firmware 11.37.2.49
Published May 14, 2014
Tracked Since Feb 18, 2026