CVE-2018-19064

{"id": "CVE-2018-19064", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-11-07T18:29:00.803", "references": [{"url": "https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-521"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ftpuser1 account has a blank password, which cannot be changed."}, {"lang": "es", "value": "Se ha descubierto un problema en dispositivos Foscam C2 con firmware del sistema 1.11.1.8 y firmware de aplicaci\u00f3n 2.72.1.32, as\u00ed como dispositivos Opticam i5 con firmware del sistema 1.5.2.11 y firmware de aplicaci\u00f3n 2.21.1.128. La cuenta ftpuser1 tiene una contrase\u00f1a en blanco que no puede cambiarse."}], "lastModified": "2019-10-03T00:03:26.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42E72BBD-5418-4C2C-B8EB-997224A0CA01"}, {"criteria": "cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9E1C7BD-97E3-41F9-BC4D-9C7320C471EE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "670C0300-3A68-4AC1-B659-7727FF92D8E6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05CCF2DD-D69B-4518-B20A-376C98E2D02E"}, {"criteria": "cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28AD15E7-51C8-4B2D-BCEB-8EF2AA0B61A5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "107D84D0-9D16-4930-A312-38B7586B4B4F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}