[CVE-2013-2560] Foscam <= 11.37.2.48 path traversal vulnerability

Posted on Sun 17 March 2013 in Advisory

Summary

Foscam firmware <= 11.37.2.48 is prone to a path traversal vulnerability in the embedded web interface.

The unauthenticated attacker can access to the entire filesystem and steal web & wifi credentials.

Details

GET //../proc/kcore HTTP/1.0

CVSS Version 2 Metrics

  • Access Vector: Network exploitable
  • Access Complexity: Low
  • Authentication: Not required to exploit
  • Confidentiality Impact: Complete
  • Availability Impact: Complete

Disclosure Timeline

  • 2013-01-18 Vendor fixed the issue in fw 11.37.2.49; no security notice
  • 2013-02-21 Vulnerability found
  • 2013-03-01 Public advisory

Solution

A new firmware is available on vendor's site: http://www.foscam.com/down3.aspx

References

  • http://code.google.com/p/bflt-utils/
  • http://wiki.openipcam.com/

Arnaud Calmejane - Frederic Basse