[CVE-2013-2560] Foscam <= 11.37.2.48 path traversal vulnerability
Posted on Sun 17 March 2013 in Advisory
Summary
Foscam firmware <= 11.37.2.48 is prone to a path traversal vulnerability in the embedded web interface.
The unauthenticated attacker can access to the entire filesystem and steal web & wifi credentials.
Details
GET //../proc/kcore HTTP/1.0
CVSS Version 2 Metrics
- Access Vector: Network exploitable
- Access Complexity: Low
- Authentication: Not required to exploit
- Confidentiality Impact: Complete
- Availability Impact: Complete
Disclosure Timeline
- 2013-01-18 Vendor fixed the issue in fw 11.37.2.49; no security notice
- 2013-02-21 Vulnerability found
- 2013-03-01 Public advisory
Solution
A new firmware is available on vendor's site: http://www.foscam.com/down3.aspx
References
- http://code.google.com/p/bflt-utils/
- http://wiki.openipcam.com/
Arnaud Calmejane - Frederic Basse