CVE-2018-19067
CRITICALOpticam i5 and Foscam C2 - Use of Hard-coded Credentials
Title source: llmDescription
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~ account.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt
Scores
CVSS v3
9.8
EPSS
0.0204
EPSS Percentile
78.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-798
Status
published
Products (4)
foscam/c2_application_firmware
2.72.1.32
foscam/c2_system_firmware
1.11.1.8
opticam/i5_application_firmware
2.21.1.128
opticam/i5_system_firmware
1.5.2.11
Published
Nov 07, 2018
Tracked Since
Feb 18, 2026