CVE-2017-8221

HIGH EXPLOITED IN THE WILD

Wificam Wireless IP Camera (p2p) Firmware - Missing Encryption

Title source: rule

Description

Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunnel protocol (aka the Cloud feature) for communication between an Android application and a camera device, which allows remote attackers to obtain sensitive information by sniffing the network.

Exploits (1)

exploitdb WORKING POC

cremotehardware

https://www.exploit-db.com/exploits/43142

View Code ZIP pw:eip

References (2)

[Exploit, Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2017/Mar/23

[Exploit, Third Party Advisory] https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html#cloud

Scores

CVSS v3 7.5

EPSS 0.1907

EPSS Percentile 95.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2020-12-01

InTheWild.io 2017-03-08

CWE

CWE-311

Status published

Products (1)

wificam/wireless_ip_camera_\(p2p\)_firmware

Published Apr 25, 2017

Tracked Since Feb 18, 2026