NVD

Id
87370  
Name
CVE-2017-2842  
Description
In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the msmtprc configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-07-18  
Published
2017-06-27  
Modified Date
2017-07-05  
Seq
2017-2842  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
68829 JVNDB-2017-005086 Foscam C1 Indoor HD カメラの Web 管理インターフェースにおけるコマンドインジェクションの脆弱性 Foscam C1 Indoor HD カメラの Web 管理インターフェースには、コマンドインジェクションの脆弱性が存在します。 CVE-2017-2842 0 CVE-2017-2842 87370 6.5 8.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-005086.html 2017-06-19 2017-07-14 View