Unauthenticated Persistent XSS in Foscam Opticam i5 ONVIF Devicemgmt SetHostname Method

CVE-2018-19080 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS.

Learn more about our Web Application Penetration Testing UK.