CVE-2017-8222

HIGH EXPLOITED IN THE WILD

Wireless IP Camera (P2P) WIFICAM - Insufficiently Protected Credentials via Hardcoded RSA Key

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2017-8222 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit.

AI-analyzed exploit summary This exploit targets a command injection vulnerability in the GoAhead web server used in various IP cameras. It bypasses authentication to extract credentials and then executes a reverse shell via crafted HTTP requests to the FTP configuration CGI endpoints.

Description

Wireless IP Camera (P2P) WIFICAM devices have an "Apple Production IOS Push Services" private RSA key and certificate stored in /system/www/pem/ck.pem inside the firmware, which allows attackers to obtain sensitive information.

Exploits (1)

exploitdb WORKING POC
cremotehardware
https://www.exploit-db.com/exploits/43142

This exploit targets a command injection vulnerability in the GoAhead web server used in various IP cameras. It bypasses authentication to extract credentials and then executes a reverse shell via crafted HTTP requests to the FTP configuration CGI endpoints.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: GoAhead web server (used in IP cameras)
No auth needed
Prerequisites: Network access to the target device · GoAhead web server with vulnerable CGI endpoints
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2017/Mar/23

Scores

CVSS v3 7.5
EPSS 0.0422
EPSS Percentile 89.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2020-12-01
InTheWild.io 2017-03-08
CWE
CWE-522
Status published
Products (1)
wificam/wireless_ip_camera_\(p2p\)_firmware
Published Apr 25, 2017
Tracked Since Feb 18, 2026