CVEs-PoC/2017/CVE-2017-2877.md

### [CVE-2017-2877](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2877)
![](https://img.shields.io/static/v1?label=Product&message=Foscam%20C1%20Indoor%20HD%20Camera&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Foscam%20Indoor%20IP%20Camera%20C1%20Series%2CSystem%20Firmware%20Version%3A%201.9.3.18%2CApplication%20Firmware%20Version%3A%202.52.2.43%2CPlug-In%20Version%3A%203.3.0.26%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Missing%20Report%20of%20Error%20Condition&color=brightgreen)

### Description

A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication.

### POC

#### Reference
- https://talosintelligence.com/vulnerability_reports/TALOS-2017-0384

#### Github
No PoCs found on GitHub currently.