The popular Foscam C1 webcam has multiple vuln erabilities that, if exploited, allow retrieval of information stored in the camera and the running of arbitrary commands in it’s operating system.
A compromise of these wireless cameras is particularly disturbing when you consider they are frequently used as baby monitors and home security. Apps for computer and phone provide ready access to the camera, which captures both 720 HD video and 2-way audio. Data is stored on micro-SD cards, NVR, NAS, local hard drive, or in Foscam’s Cloud, and can also be sent with FTP.
Cisco’s Talos Intelligence Group worked with Foscam to understand and resolve 20 separate issues, and Foscam has released an update to it’s firmware, version V-2.x.2.46, that patches these vulnerabilities in several of their cameras, and can be downloaded from: https://www.foscam.com/downloads/firmware_details.html?id=1
The vulnerabilities and exploits include:
It is clear that the coding practices of programmers can introduce multiple vulnerabilities just waiting to be discovered. The companies releasing e-devices often release firmware updates when vulnerabilities are discovered or exploits are reported. When you purchase a new device, be sure to register it, save a bookmark to the Support page for your device, and sign up for email alerts when updates are released.
If you wish to read more about the Foscam Camera Vulnerabilities click here.