Credentials Management Errors

CVE-2014-1849

High

10/10

Summary

Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote attackers to spoof or hijack arbitrary cameras and conduct other attacks by modifying arbitrary camera records in the Foscam DNS server.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: COMPLETE
Confidentiality Impact: COMPLETE
Availability Impact: COMPLETE

CWE-255 - Credentials Management Errors

Weaknesses in this category are related to the management of credentials.

References

Advisory Timeline

Published May 14, 2014

Credentials Management Errors

CVE-2014-1849

Summary

CWE-255 - Credentials Management Errors

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS