Hardcoded Password Encryption Vulnerability in Foscam C2 and Opticam i5 Devices

CVE-2018-19066 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift* password in some cases.

Learn more about our Web Application Penetration Testing UK.