A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 184.108.40.206. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication.
published: 19. 9. 2018