[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Faleemi FSC-880 Multiple Security Vulnerabilities

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] Faleemi FSC-880 Multiple Security Vulnerabilities
From: Oleg Puzanov <oleg@xxxxxxxxxxxx>
Date: Wed, 27 Sep 2017 16:40:57 +0600

Full disclosure is here: 
https://medium.com/iotsploit/faleemi-fsc-880-multiple-security-vulnerabilities-ed1d132c2cce
 
<https://medium.com/iotsploit/faleemi-fsc-880-multiple-security-vulnerabilities-ed1d132c2cce>

===

https://www.faleemi.com/product/fsc880-1080p-wirelee-ip-camera/ 
<https://www.faleemi.com/product/fsc880-1080p-wirelee-ip-camera/>
Firmware: 00.01.01.0048P2 (2017-07-27)

This camera has multiple security vulnerabilities, which can be exploited both 
locally and remotely. In particular, hardwired manufacturer DDNS and 
port-mapping to camera via upnp compatible router. Allowing for the discovered 
avoidance of authentication and RCE, this camera is an ideal candidate for 
another botnet such as Mirai.

CVE-2017–14743



_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] Zyxel P-2812HNU-F1 DSL router - command injection
Next by Date: [FD] [CVE-2017-11321] UCOPIA Wireless Appliance < 5.1.8 Restricted Shell Escape
Previous by thread: [FD] Zyxel P-2812HNU-F1 DSL router - command injection
Next by thread: [FD] [CVE-2017-11321] UCOPIA Wireless Appliance < 5.1.8 Restricted Shell Escape
Index(es):
- Date
- Thread