Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Faleemi FSC-880 Multiple Security Vulnerabilities

From: Oleg Puzanov <oleg () iotsploit co>
Date: Wed, 27 Sep 2017 16:40:57 +0600
Full disclosure is here: https://medium.com/iotsploit/faleemi-fsc-880-multiple-security-vulnerabilities-ed1d132c2cce 
<https://medium.com/iotsploit/faleemi-fsc-880-multiple-security-vulnerabilities-ed1d132c2cce>

===

https://www.faleemi.com/product/fsc880-1080p-wirelee-ip-camera/ 
<https://www.faleemi.com/product/fsc880-1080p-wirelee-ip-camera/>
Firmware: 00.01.01.0048P2 (2017-07-27)

This camera has multiple security vulnerabilities, which can be exploited both locally and remotely. In particular, 
hardwired manufacturer DDNS and port-mapping to camera via upnp compatible router. Allowing for the discovered 
avoidance of authentication and RCE, this camera is an ideal candidate for another botnet such as Mirai.

CVE-2017–14743



_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: