CVE-2017-8224

CRITICAL EXPLOITED IN THE WILD

Wireless IP Camera (P2P) WIFICAM Firmware - Use of Hard-coded Credentials

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2017-8224 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit.

AI-analyzed exploit summary This exploit targets a command injection vulnerability in the GoAhead web server used in various IP cameras. It bypasses authentication to extract credentials and then executes arbitrary commands via crafted HTTP requests to the FTP configuration CGI scripts.

Description

Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with TELNET.

Exploits (1)

exploitdb WORKING POC
cremotehardware
https://www.exploit-db.com/exploits/43142

This exploit targets a command injection vulnerability in the GoAhead web server used in various IP cameras. It bypasses authentication to extract credentials and then executes arbitrary commands via crafted HTTP requests to the FTP configuration CGI scripts.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: GoAhead web server (used in IP cameras)
No auth needed
Prerequisites: Network access to the target device · GoAhead web server with vulnerable CGI scripts
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2017/Mar/23

Scores

CVSS v3 9.8
EPSS 0.1191
EPSS Percentile 93.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2020-12-01
InTheWild.io 2017-03-08
CWE
CWE-798
Status published
Products (1)
wificam/wireless_ip_camera_\(p2p\)_firmware
Published Apr 25, 2017
Tracked Since Feb 18, 2026