CVE-2018-19068
UnknownEPSS 1.01%
Last modified
CVE-2018-19068 is a vulnerability of currently unknown severity. An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials.. EPSS estimates a 1.01% chance of exploitation in the next 30 days.
Description
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Opticam | I5 Application Firmware | 2.21.1.128 |
| Opticam | I5 System Firmware | 1.5.2.11 |
| Foscam | C2 Application Firmware | 2.72.1.32 |
| Foscam | C2 System Firmware | 1.11.1.8 |
References
- https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txtExploit, Third Party Advisory
- https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txtExploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-19068?
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials.
How severe is CVE-2018-19068?
Severity scoring for CVE-2018-19068 is pending analysis. The EPSS model estimates a 1.01% probability of exploitation in the next 30 days.
How do I fix CVE-2018-19068?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2018-19068?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST