CVE-2016-8731

EPSS 0.78%
Veröffentlicht 21.06.2017 19:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle talos-cna@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Foscam ≫ C1 Webcam Firmware Version1.9.1.12

Foscam ≫ C1 Webcam Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.78%	0.73

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
talos-cna@cisco.com	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

http://www.securityfocus.com/bid/99193

Third Party Advisory

Broken Link

VDB Entry

https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-8731

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-8731

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-8731

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2016-8731