[CVE-2013-2560] Foscam <= path traversal vulnerability

Posted on Sun 17 March 2013 in Advisory


Foscam firmware <= is prone to a path traversal vulnerability in the embedded web interface.

An unauthenticated attacker can access the entire filesystem and steal web and Wi-Fi credentials.


GET //../proc/kcore HTTP/1.0

CVSS Version 2 Metrics

  • Access Vector: Network exploitable
  • Access Complexity: Low
  • Authentication: Not required to exploit
  • Confidentiality Impact: Complete
  • Availability Impact: Complete

Disclosure Timeline

  • 2013-01-18 Vendor fixed the issue in fw; no security notice
  • 2013-02-21 Vulnerability found
  • 2013-03-01 Public advisory


New firmware is available on the vendor's site: http://www.foscam.com/down3.aspx
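For developers of similar embedded web servers, the following added example (not Foscam's code and not part of the original advisory) shows a request-path normaliser that resolves dot-segments before any file is opened and refuses a path that climbs above the document root, such as the `//../proc/kcore` request above. The function name and every sample path other than that request are hypothetical, and the input is assumed to be already percent-decoded.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not vendor code): normalise a request path relative to
 * the document root. Writes the canonical form ("/a/b") to out and returns 0,
 * or returns -1 if the path is malformed, too long, or climbs above the root.
 * Assumption: the caller has already percent-decoded the path. */
int normalize_request_path(const char *req, char *out, size_t outlen)
{
    size_t len = 0;                 /* bytes written to out so far */
    if (req == NULL || out == NULL || outlen < 2 || req[0] != '/')
        return -1;
    while (*req != '\0') {
        while (*req == '/')         /* collapse runs of slashes: "//" -> "/" */
            req++;
        size_t seg = strcspn(req, "/");
        if (seg == 0)
            break;                  /* trailing slash, nothing left */
        if (memchr(req, '\\', seg) != NULL)
            return -1;              /* refuse backslash separators outright */
        if (seg == 1 && req[0] == '.') {
            /* "." keeps the current directory */
        } else if (seg == 2 && req[0] == '.' && req[1] == '.') {
            if (len == 0)
                return -1;          /* ".." at the root: traversal attempt */
            while (len > 0 && out[--len] != '/')
                ;                   /* drop the last kept segment */
        } else {
            if (len + 1 + seg >= outlen)
                return -1;          /* would overflow the caller's buffer */
            out[len++] = '/';
            memcpy(out + len, req, seg);
            len += seg;
        }
        req += seg;
    }
    if (len == 0)
        out[len++] = '/';           /* empty result means the root itself */
    out[len] = '\0';
    return 0;
}

int main(void)
{
    char buf[64];
    /* The advisory's request path is rejected (-1). */
    printf("%d\n", normalize_request_path("//../proc/kcore", buf, sizeof buf));
    return 0;
}
```

The server should append only the returned path to its document root; on -1 it should answer with an error instead of opening anything.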


  • http://code.google.com/p/bflt-utils/
  • http://wiki.openipcam.com/

Arnaud Calmejane - Frederic Basse