Description
An exploitable buffer overflow vulnerability exists in the UPnP implementation used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted UPnP discovery response can cause a buffer overflow resulting in overwriting arbitrary data. An attacker needs to be in the same subnetwork and reply to a discovery message to trigger this vulnerability.
References (1)
Core 1
Core References
Exploit, Technical Description, Third Party Advisory x_refsource_misc
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0386
Scores
CVSS v3
5.3
EPSS
0.0014
EPSS Percentile
32.8%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-120
Status
published
Products (1)
foscam/c1_firmware
2.52.2.43
Published
Sep 19, 2018
Tracked Since
Feb 18, 2026